期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于RBAC的多域策略冲突及其检测方法 被引量:1

Multi-domain Policy Conflicts and Detection Methods Based on RBAC
原文传递
导出
摘要 针对多安全域之间的访问控制问题提出了策略冲突分类及其检测方法。研究了基于RBAC的多域安全互操作模型及其安全特性,分析了由于引入角色映射带来的策略冲突并对这些冲突进行分类。根据多域环境的特点将安全域角色系统抽象成有向图,利用有效角色系统和角色层次关系,提出了基于角色系统有向图的策略冲突检测方法。最后对方法的计算复杂度进行了分析并给出策略冲突的解决方法。 For the access control in multi-domain, this paper proposes a method for policy conflicts classification and detection. The secure interoperation model based on RBAC and its security characteristics are studied, the policy conflicts resulted from the introduction of role mapping are analyzed and classified. The role system is abstracted as directed graph, and the effective roles and role hierarchy are utilized to propose a method based on directed graph of role system for detecting policy conflicts. Finally, the computational complexity?of the proposed method is analyzed, and the solutions for policy conflicts are given.
作者 谷和武 潘理
机构地区 上海交通大学电子信息与电气工程学院
出处 《信息安全与通信保密》 2010年第6期84-86,共3页 Information Security and Communications Privacy
基金 国家自然科学基金资助项目(批准号:60903191) 国家高技术研究发展计划(863)资助项目(编号:2007AA01Z457)
关键词 安全互操作 策略冲突 有向图 secure interoperation policy conflict directed graph
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献6

  • 1朱虹,雷洁.基于角色的语义相关XML访问控制模型[J].信息安全与通信保密,2006,28(9):128-130. 被引量:1
  • 2Kapadia Apu,Al-Muhtadi Jalal,Campbell R.Secure Interoperability Using Dynamic Role Translation[C]//Proceedings of the First International Conference on Internet Computing.LasVegas:CSREA Press,2000.
  • 3Joshi J B D,Bhatti R,Bertino E,et al.Access-control Language for Multidomain Environments[J].IEEE Internet Computing,2004,08(06):40-50.
  • 4Shafiq B,Joshi J B D,Bertino E,et al.Secure Interoperation in A Multidomain Environment Employing RBAC Policies[J].IEEE Transactions on Knowledge and Data Engineering,2005,17(11):1557-1777.
  • 5吴迪,朱淼良,陈溪源,林建.分布式环境下基于RBAC互操作的安全检测[J].浙江大学学报(工学版),2007,41(9):1552-1556. 被引量:9
  • 6Joshi J B D,Bertino E,Ghafoor A.Formal Foundation for Hybrid Hierarchies in GTRBAC[J].ACM Transactions on Information and System Security,2008,10(04):01-39.

二级参考文献13

  • 1廖振松,金海,羌卫中.一种对IRBAC2000模型的改进方法[J].华中科技大学学报(自然科学版),2005,33(z1):292-295. 被引量:5
  • 2[1]Gowadia V,Farkas C.RDF Metadata for XML Access Control.ACM Workshop on XML Security,2003:39-46
  • 3叶茂盛,杨冬青等.一种基于角色访问控制的XML安全策略[J].计算机科学,2001,28(8):302-307.
  • 4[4]Vijay P,Hongchi S.XML Access Control for Semantically Related XML Documents.Proceedings of the 36th Hawaii International Conference on System Sciences,2002
  • 5OSBORN S,SANDHU R,MUNAWER Q.Configuring role-based access control to enforce mandatory and discretionary access control policies[J].ACM Transactions on Information and System Security,2000,3(2):85-106.
  • 6KAPADIA A,AL-MUHTADI J,CAMPBELL R.Secure interoperability using dynamic role translation[C]∥ Proceedings of the First International Conference on Internet Computing.Las Vegas:CSREA Press,2000:231-238.
  • 7JOSHI J B D,BHATTI R,BERTINO E,et al.Access-control language for multidomain environments[J].IEEE Internet Computing,2004,8(6):40-50.
  • 8BONATTI P,VIMERCATI S D C,SAMARATI P.An algebra for composing access control policies[J].ACM Transactions on Information and System Security,2002,5(1):1-35.
  • 9SHAFIQ B,JOSHI J B D,BERTINO E,et al.Secure interoperation in a multidomain environment employing RBAC policies[J].IEEE Transactions on Knowledge and Data Engineering,2005,17(11):1557-1577.
  • 10AO Xu-hui,NAFTALY H.Flexible regulation of distributed coalitions[C]∥Proceedings of the 8th European Symposium on Research in Computer Security.Berlin:Springer,2003:29-60.

共引文献8

同被引文献10

  • 1GONG Li, QIAN Xiaolei. Computational Issues in Secure Interoperation[]]. IEEE Transactions on Software Engineering, 1996, 22(1): 43-52.
  • 2GEETHAKUMARI G, NEGI A, SASTRY D. A Cross-domain Role Mapping and Authorization Framework for RBAC in Grid Systems[J]. International Journal of Computer Science and Applications, 2009, 6(1): 1-12.
  • 3KAMATH A, LISCANO R, SADDIK A. User-credential based Role Mapping in Multi-domain Environment[C]// International Conference on Privacy, Security and Trust. New York: ACM, 2006.
  • 4WICKRAMAARACHCHI G, QARDAJI W, LI Ninghui. An Efficient Framework for User Authorization Queries in Rbac Systems[C]//Proceedings of the 14'h ACM Symposium on Access Control Models and Technologies. New York: ACM, 2009: 23-32.
  • 5SHAFIQ B, JOSHI J, BERTINO E, et al. Secure Interoperation in a Multi-domain Environment Employing RBAC Policies[J]. IEEE Transactions on Knowledge and Data Engineering, 2005, 17(11): 1557-1577.
  • 6SANDHU R. Role Activation Hierarchies[C]//Proceedings of the Third ACM Workshop on Role-based Access Control. NewYork: ACM, 1998: 33-40.
  • 7李敏,高悦翔.动态角色访问控制模型的研究与应用[J].通信技术,2009,42(5):221-223. 被引量:5
  • 8张帅,陈晓辉,侯桂云.基于团队和任务的RBAC访问控制模型[J].通信技术,2009,42(11):119-120. 被引量:1
  • 9周晓军,蒋兴浩,孙锬锋.RB-RBAC模型的研究与改进[J].信息安全与通信保密,2010,7(4):100-102. 被引量:8
  • 10何长龙,李伟平,贺建忠,魏明欣.基于策略的RBAC统一授权模型研究[J].信息安全与通信保密,2010,7(6):77-81. 被引量:4

引证文献1

二级引证文献3

信息安全与通信保密
2010年 第6期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部