Abstract
Role-based access control (RBAC), as a method of implementing security policy within an organization, is widely used in workflow management systems because its authorization scheme is simple and efficient and its authorization maintenance model is convenient. To address the many insecurity factors of workflow environments, this paper proposes an improved role-based model for secure workflow access that is suited to the workflow environment. The model introduces three relation elements into the traditional RBAC model: task case (TC), user management (UM) and task (T). It also defines a dynamic authorization mechanism. The model was given an initial implementation, integrated as a framework with the workflow engine component, in the electrical sales system of a company, where it provides security authorization services within an independent security domain. The results show that the model handles well such insecurity factors in workflow management systems as dynamic separation of duty, dynamic binding of duty, inter-case constraints and reciprocal separation of duty, and can provide technical support for the secure operation of workflow management systems.
Source
Journal of Chongqing University of Technology: Natural Science (《重庆理工大学学报(自然科学)》)
CAS
2011, Issue 3, pp. 78-82 (5 pages)
Funding
Chongqing University of Technology Youth Research Fund Project (2010ZQ21)