摘要
通过对目前比较典型的几种基于角色的访问控制模型进行简要分析比较,明确SARBAC/SARBAC-HH模型在角色层次管理方面具有更为突出的优势,但模型中角色、权限分配管理存在问题,针对这些问题,提出提出一种以SARBAC/SARBAC-HH模型的框架结构为主体的改进模型——WARBAC模型,该模型利用ARBAC02模型中的组织结构的思想对角色、权限分配管理策略进行了重新定义和设计,分析表明WARBAC模型既具有角色层次管理的简单性,又实现了较为复杂的合理的角色、权限分配管理。
SARBAC/SARBAC-HH models are dominative in implementation of role hierarchy management by analyzing and comparing several typical role-based access control models.Some issues in role and permission assignment management existed in SARBAC/SARBAC-HH models.In view of these issues,an improved model named WARBAC,based on SARBAC/SARBAC-HH models,is put forward.In the model,the administrative policy of role-permission assignment is redefined and redesigned by resorting to the conception of the organization structure of the ARBAC02 model.Analysis results show that WARBAC is simple in role hierarchy management and is reasonable in complicated role-permission assignment management.
出处
《计算机工程与应用》
CSCD
北大核心
2009年第36期95-98,141,共5页
Computer Engineering and Applications
关键词
基于角色的访问控制
角色层次
权限
Role-Based Access Contro(lRBAC) role hierarchy permission