一种基于角色访问控制(RBAC)的新模型及其实现机制

A NEW ROLE BASED ACCESS CONTROL MODEL AND IT'S IMPLEMENT MECHANISM

文中对基于角色访问控制（ｒｏｌｅ－ｂａｓｅｄ ａｃｃｅｓｓ ｃｏｎｔｒｏｌ， ＲＢＡＣ）研究中的两大热点——模型的建立和实现进行了较深入的研究，提出了一种新的ＲＢＡＣ模型——ＮＲＢＡＣ模型．这一模型除具有全面性外，比之已有的ＲＢＡＣ９６ 模型还具有接近现实世界和形式统一的优点．针对ＮＲＢＡＣ模型的实现，文中又提出了一种新的ＲＢＡＣ实现机制——基于时间戳和素数因子分解的二进制双钥－锁对（ ＴＰＢ－２－ＫＬＰ）访问控制方案．它不仅能很好地克服已有ＲＢＡＣ实现机制存在的缺点，还兼备了对锁向量修改次数少和发生溢出可能性小的优点．

In this paper, the construction and implementation of a role based access control (RBAC) model are discussed, which are two hot topics in the research of role based access control. A new RBAC model which is named “NRBAC model” is presented. Besides comprehension, this model has advantages of being close to the real world and having a consistent form over RBAC96 models. For the implementation of NRBAC model, a new implement mechanism, which is a binary two key lock pair access control scheme using prime factorization (TPB 2 KLP), is presented. This mechanism overcomes the disadvantages of the implement mechanism of RBAC which have already been presented, and it has both the advantage of the small number of lock vector updating and the advantage of low possibility of overflow.