摘要
基于角色的访问控制是提高工作流系统安全的重要机制和方法,然而现有模型并未将工作流中任务进一步细化为一系列活动。本文提出的RABAC for Workflow模型将授权的粒度降低至活动状态层次,增强了访问控制的灵活性和工作流系统的安全性,并满足"最小权限原则"和"职责分离原则"。采用UML进行可视化工程建模,进一步缩短了理论模型和实际应用系统开发之间的差距。应用实例表明所提出模型与可视化建模方法的安全性和有效性。
Role-based access control is an important mechanism and approach to improving the security of workflow system,whereas related models have not referring to the refinement of a workflow task into a series of activities.A Role-Activity Based Access Control for Workflow decreases the authorization granularity into a level of activity status,and improves the access control flexibility and workflow system security,achieving the two principles of "Least Privilege" and "Separation of Duties".And the visual engineering modeling by UML further shortens the gap between the theoretical model and application developments.An application case denotes that the proposed model and visual modeling method is secure and valid.
出处
《网络安全技术与应用》
2011年第7期22-25,共4页
Network Security Technology & Application
基金
国家自然科学基金项目(No.61003234)
中国博士后科学基金面上项目(No.20100471611)
河南省高校科技创新人才支持计划资助(No.2011HASTIT015)
河南省重点科技攻关项目(No.092102210295)
河南科技大学博士科研基金(No.09001470)资助
