期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

用基于RBAC的方法集成遗产系统的访问控制策略 被引量:2

Using RBAC-based Approach to Integrate Access Control Policies in Legacy Systems
下载PDF
导出
摘要 访问控制是软件系统的重要安全机制,其目的在于确保系统资源的安全访问。针对多数遗产系统的访问控制不是基于角色的且其实现形式多样,提出了一种基于RBAC的访问控制策略集成方法。该方法将遗产系统中的权限映射为集成系统中的任务,能够在任务树和策略转换规则的基础上使用统一的形式重组访问控制策略。此外,该方法给出了一组用于实现后续授权操作的管理规则。案例分析表明,提出的方法是可行的,能够有效地集成遗产系统的访问控制策略,并将RBAC引入遗产系统的访问控制。 Access control whose objective is to ensure the security of accessing to resources in software systems is an essential part for software systems.As access control policies in legacy systems seldom based on roles are represented in various forms,an RBAC-based approach was proposed to integrate these access control policies.The approach maps permission of legacy systems to tasks of integrated system.Based on task trees and transformation rules of access control policy,various access control policies were reorganized in a unified form.Moreover,management rules were provi-ded to achieve further authorization.A case study is demonstrated to depict the proposed approach is a feasible solution to integrate legacy access control policies and introduce RBAC into legacy systems.
作者 李寒 郭禾 王宇新 陆国际 杨元生
机构地区 大连理工大学计算机科学与技术学院 大连理工大学软件学院
出处 《计算机科学》 CSCD 北大核心 2011年第7期126-129,138,共5页 Computer Science
关键词 基于角色的访问控制 访问控制策略 遗产系统 集成 任务 Role based access control Access control policy Legacy system Integration Task
分类号 TP311.5 [自动化与计算机技术—计算机软件与理论]
  • 相关文献

参考文献9

  • 1Bennett K H. Legacy system: coping with success [J]. IEEE Software, 1995,12(1) : 19-23.
  • 2Chen F, Li S, Yang H. Enforcing role-based access controls in software systems with an agent based service oriented approach [C] // Proceedings of 2007 IEEE International Conference on Networking, Sensing and Control. London, UK : IEEE Computer Society,2007:15-17.
  • 3Bertino E. RBAC models-concepts and trends[J]. Computers &. Security, 2003,22(6) : 511-514.
  • 4王治纲,王晓刚,卢正鼎,李瑞轩.OntoRBAC:基于本体的RBAC策略描述与集成[J].计算机科学,2007,34(2):82-85. 被引量:8
  • 5Memon Q A. Implementing role based access in healthcare Adboc networds[J]. Journal of Networks, 2009,4(3) : 192-199.
  • 6万宏辉,朱更明.基于Web Service的多Web应用系统访问控制集成[J].计算机应用与软件,2009,26(7):28-30. 被引量:4
  • 7Li N,Mao Z. Administration in role-based access control[C]// Proceedings of 2nd ACM Symposium on Information, Compuu'r and Communications Security. Singapore: ACM New York, 2007: 127-138.
  • 8Dekker M A C, Crampton J, Etalle S. RBAC administration in distributed systems[C]//Proceedings of 13th ACM Symposium on Access Control Models and Technologies. Estes Park, United States: ACM New York, 2008 : 93-101.
  • 9李晓峰,冯登国,徐震.一种通用访问控制管理模型[J].计算机研究与发展,2007,44(6):947-957. 被引量:8

二级参考文献29

  • 1叶春晓,吴中福,符云清,钟将,冯永.基于属性的扩展委托模型[J].计算机研究与发展,2006,43(6):1050-1057. 被引量:17
  • 2Martin Findcham.EAI Version 2.0.EAI Journal,2001,10:44-47.
  • 3Ravi S Sandhu,et.al.Role-Based Access Control Models.IEEE Computer,1996,29(2):38-47.
  • 4Eric Newcomer.Understanding Webservices:XML,WSDL,SOAP and UDDI.Addison Wsley Professional,2002.
  • 5Uszok A, Bradshaw J, Jeffers R, et al. KAoS Policy Management for Semantic Web Services. IEEE Intelligent Systems,2004, 19(4): 32-41
  • 6Baader F, Nutt W. Basic Description Logics. In: the Description Logic Handbook, F. Baader, D. Calvanese, D.L. McGuinness,et al,eds. Cambridge University Press, 2002. 47-100
  • 7Horrocks I, Patel-Schneider P F, Boley H, et al. SWRL: A semantic Web rule language combining owl and ruleml. W3C Member Submission, 21 May 2004. Available at: http://www. w3.org/Submission/SWRL/
  • 8Damianou N, et al. The Ponder Policy Specification Language.In: Proc. Policy 2001, Workshop on Policies for Distributed Systems and Networks, Bristol, UK, Jan. 2001. 18-39
  • 9Koch M, Mancini LV, Parisi-Presicce F. A graph-based formalism for rbac. ACM Transactions on Information and System Security (TISSEC), 2002. 332-365
  • 10Jajodia S, Samarati P, Sapino M, et al. Flexible support for multiple access control policies. ACM Transactions on Database Systerns, 2001. 214-260

共引文献17

同被引文献9

引证文献2

二级引证文献6

计算机科学
2011年 第7期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部