Permission and role automatic assigning of user in role-based access control 被引量：4

Permission and role automatic assigning of user in role-based access control

下载PDF

导出

摘要 Role mining and setup affect the usage of role-based access control(RBAC).Traditionally,user's role and permission assigning are manipulated by security administrator of system.However,the cost is expensive and the operating process is complex.A new role analyzing method was proposed by generating mappings and using them to provide recommendation for systems.The relation among sets of permissions,roles and users was explored by generating mappings,and the relation between sets of users and attributes was analyzed by means of the concept lattice model,generating a critical mapping between the attribute and permission sets,and making the meaning of the role natural and operational.Thus,a role is determined by permission set and user's attributes.The generated mappings were used to automatically assign permissions and roles to new users.Experimental results show that the proposed algorithm is effective and efficient. Role mining and setup affect the usage of role-based access control （RBAC）. Traditionally, user＇s role and permission assigning are manipulated by security administrator of system. However, the cost is expensive and the operating process is complex. A new role analyzing method was proposed by generating mappings and using them to provide recommendation for systems. The relation among sets of permissions, roles and! users was explored by generating mappings, and the relation between sets of users and attributes was analyzed by means of the concept lattice model, generating a critical mapping between the attribute and permission sets, and making the meaning of the role natural and operational. Thus, a role is determined by permission set and user＇s attributes. The generated mappings were used to automatically assign permissions and roles to new users. Experimental results show that the proposed algorithm is effective and efficient,

作者韩道军卓汉逵夏兰亭李磊

机构地区 Software Research Institute Institute of Data and Knowledge Engineering NetCraft Information Technology(Macao)Co. NetCraft Information Techno logy(Macao)Co.

出处《Journal of Central South University》 SCIE EI CAS 2012年第4期1049-1056,共8页 中南大学学报（英文版）

基金 Project(61003140) supported by the National Natural Science Foundation of China Project(013/2010/A) supported by Macao Science and Technology Development Fund Project(10YJC630236) supported by Social Science Foundation for the Youth Scholars of Ministry of Education of China

关键词基于角色的访问控制控制权限用户自动分配操纵系统属性集 RBAC 权限分配 role-based access control role permission assignment concept lattice

分类号 TP309 [自动化与计算机技术—计算机系统结构] TP317 [自动化与计算机技术—计算机软件与理论]

引文网络
相关文献

参考文献4

1刘强,姜云飞,饶东宁.基于Graphplan的ARBAC策略安全分析方法[J].计算机学报,2009,32(5):910-921. 被引量：9
2李晓峰,冯登国,陈朝武,房子河.基于属性的访问控制模型[J].通信学报,2008,29(4):90-98. 被引量：80
3王国胤,姚一豫,于洪.粗糙集理论与应用研究综述[J].计算机学报,2009,32(7):1229-1246. 被引量：366
4杨秋伟,洪帆,杨木祥,朱贤.基于角色访问控制管理模型的安全性分析[J].软件学报,2006,17(8):1804-1810. 被引量：38

二级参考文献67

1庞发虎,庞振凌,杜瑞卿.粗糙集理论对湖泊生态系统健康评定指数法的评价[J].生物数学学报,2008,23(2):337-344. 被引量：4
2王明慧.粗糙集理论在铁路行车调度指挥系统中应用的研究[J].中国铁道科学,2004,25(4):103-107. 被引量：13
3陈真诚,张锋,蒋大宗,倪利莉,王红艳.利用多分辨率分析的胸部X线数字图像粗糙集滤波增强[J].中国生物医学工程学报,2004,23(6):486-489. 被引量：7
4张文修,魏玲,祁建军.概念格的属性约简理论与方法[J].中国科学（E辑）,2005,35(6):628-639. 被引量：193
5胡峰,黄海,王国胤,吴渝.不完备信息系统的粒计算方法[J].小型微型计算机系统,2005,26(8):1335-1339. 被引量：18
6胡圣武,郭增长,王新洲,陶本藻.论遥感数据的模糊不确定性及基于Rough集的处理方法[J].中国铁道科学,2006,27(2):132-136. 被引量：5
7匡乐红,徐林荣,刘宝琛,姚京成.基于粗糙集原理的泥石流危险度区划指标选取方法[J].地质力学学报,2006,12(2):236-242. 被引量：14
8杨秋伟,洪帆,杨木祥,朱贤.基于角色访问控制管理模型的安全性分析[J].软件学报,2006,17(8):1804-1810. 被引量：38
9钟勇,秦小麟,郑吉平,林冬梅.一种灵活的使用控制授权语言框架研究[J].计算机学报,2006,29(8):1408-1418. 被引量：15
10倪永成,杨建国,吕志军.基于Rough Set理论对原棉纱线强度的规则提取[J].纺织科技进展,2006(6):65-66. 被引量：3

共引文献482

1杨臻,邱保志.混合信息系统的动态变精度粗糙集模型[J].控制与决策,2020,35(2):297-308. 被引量：10
2丁广林.监理企业安全信用评价体系研究[J].建筑经济,2020(S01):41-45. 被引量：4
3王思.应用属性约简算法实现运动员伤病影响因素评估的研究[J].电子测量技术,2020,43(11):10-15.
4任泽,周逸轩,刘永国,齐宝军,刘恒,孙思.基于RS的增压系统能效评价权重计算[J].内蒙古石油化工,2019,0(12):37-40.
5谷德丽,马春光,汪定,郭金生.基于密码技术的涉密信息系统安全防护框架研究[J].保密科学技术,2012,0(10):60-63. 被引量：1
6马春光,汪定,张启明.广域涉密信息系统域间授权问题研究[J].保密科学技术,2011,0(11):50-52. 被引量：3
7梁柱森,梁伟坚,韦云毅.基于ThinkPHP框架的创业培训管理系统的设计与实现[J].微型机与应用,2013,32(23):7-9. 被引量：2
8郭树行,张禹,王坚.基于情景演算的物联网访问控制模型[J].中南大学学报（自然科学版）,2013,44(S1):176-180. 被引量：2
9郭树行,张禹.基于动态情景网关的系统协同访问控制模型[J].通信学报,2013,34(S1):142-147. 被引量：3
10宋冬梅,刘斌,陈寿长,马毅,马明国,李利伟,张雅洁,沈晨,崔建勇.基于子空间-粗集法的高光谱数据光谱与纹理特征优选[J].遥感技术与应用,2015,30(2):258-266. 被引量：3

同被引文献18

1Mehdi Kaytoue,Sergei O. Kuznetsov,Amedeo Napoli,Sébastien Duplessis.Mining gene expression data with pattern structures in formal concept analysis[J].Information Sciences.2011(10)
2Vaidya J,Afluri V,Guo Q. The role mining problem:finding a minimal descriptive set of roles[A]. Proceedings of the 12th ACM symposium on Access control models and technologies [C] .New York:ACM,2007. 175- 184.
3Vaidya J, Afluri V, Gun Q, et al. Edge-rmp: Minimizing admin- istrative assignments for role-based access control [J]. Journal of Computer Security, 2009,17 (2) 211 - 235.
4Lu H, Vaidya J, Afluri V. Optimal boolean malrix decomposi- tion: Application to role engineering [ A ]. IEEE 24th Interna- tional Conference on Data Engineefing [C ]. Piscataway: 1EEE, 2008.297 - 306.
5Ene A, Home W, Milosavljevic N, et al. Fast exact and heuris- tic methods for role minimization problems[ A]. Proceedings of the 13th ACM symposium on Access control models and tech- nologies[ C] .New York: ACM,2008.1- 10.
6Zhang D, Ramamohanarao K, Ebringer T. Role engineering us- ing graph opfimisationl A] .Proceedings of the 12th ACM sym- posium on Access control models and technologies [ C ]. New York: ACM,2007.139 - 144.
7Ganter B, Wille R. Formal Concept Analysis: Mathematical Foundations[ M]. Berlin: Springer, 1999.
8Sobieski , Zielifiski B. Modelling role hierarchy smacture using the formal concept analysis[J]. Annales UMCS, Informatica, 2010,10(2) : 143 - 159.
9Wang Jian, Zeng Cheng, He Chuan, Hong Liang, et al. Con- text-aware role mining for mobile service recommendation[ A ]. Proceedings of the 27th Annual ACM Symposium on Applied Computing[ C ]. New York: ACM, 2012.173 - 178.
10Gauthier F, Merlo E. Investigation of access control models with formal concept analysis: A ca study [ A ] 2012 16th Eu- ropean Conference on Software Maintenance and Reengineer- ing(CSMR) [ C ]. Piscataway: IEEE, 2012.397 - 402.

引证文献4

1张磊,张宏莉.概念格在访问控制中的研究综述[J].智能计算机与应用,2014,4(6):1-4.
2张磊,张宏莉,韩道军,沈夏炯.基于概念格的RBAC模型中角色最小化问题的理论与算法[J].电子学报,2014,42(12):2371-2378. 被引量：13
3Ch.Aswani Kumar,S.Chandra Mouliswaran,LI Jin-hai,C.Chandrasekar.Role based access control design using Triadic concept analysis[J].Journal of Central South University,2016,23(12):3183-3191. 被引量：7
4杨程,张迅晖,曾令斌,范强,王涛,余跃,尹刚,王怀民.RevREC:一个基于Pull-Request开发模型的双层审阅人推荐算法（英文）[J].Journal of Central South University,2018,25(5):1129-1143. 被引量：3

二级引证文献22

1韦延勇,杨祖奎,陈桌,黄尤奎,陈宏础.常规应用简易木瓜酶介质配血试验检出IgG型Rh抗体(附抗-Hr′、抗-rh″一例)[J].重庆医科大学学报,2000,25(2):212-212.
2闫娟,穆晓霞.一种基于角色概念的组织方法研究[J].河南师范大学学报（自然科学版）,2015,43(5):137-141.
3赵斌,何泾沙,张伊璇,及歆荣.基于知识发现的风险最小化授权模型[J].计算机工程与科学,2015,37(11):2112-2120.
4赵君,熊燕妮.基于角色和颗粒操作的自定义通用权限管理模型研究[J].软件导刊,2016,15(12):14-16. 被引量：1
5王霞,张茜,李俊余,刘庆凤.基于粗糙集的三元概念分析[J].山东大学学报（理学版）,2017,52(7):37-43. 被引量：4
6韩道军.角色工程中一种最小角色集的求解算法[J].计算机科学,2017,44(8):115-123. 被引量：1
7刘博,杜建强,刘蕾,罗计根,曾青霞,聂斌.一种面向属性的约束概念格构造算法[J].小型微型计算机系统,2017,38(11):2580-2585. 被引量：1
8蔡勇,陈红梅.MapReduce环境下基于概念分层的概念格并行构造算法[J].中国科学技术大学学报,2018,48(4):275-283. 被引量：4
9丁飞.基于Spring mvc户外广告管理系统访问控制实现[J].电脑与信息技术,2018,26(3):33-35. 被引量：2
10王静宇,陈丽.云环境下的用户-角色分配优化算法[J].微电子学与计算机,2018,35(8):87-92.

1Guo Chen,Liang Jiarong,Luo Chao,He Gaoxing.VAGUE MAPPINGS[J].Journal of Electronics(China),2012,29(3):319-327.
2雷建云,黄昊阳.基于角色的存取控制和工作流管理系统中的存取控制[J].中南民族大学学报（自然科学版）,2004,23(3):79-81. 被引量：2
3黄烨,王翰虎.一种基于RBAC的用户间委托模型研究[J].计算机与现代化,2010(11):127-131.
4武蕾娜,宋蕊.基于AOP和RBAC的权限管理技术的探讨[J].福建电脑,2007,23(12):62-62. 被引量：3
5胡艳,戴英侠,卢震宇,连一峰.基于RBAC模型的认证和访问控制系统[J].计算机工程,2002,28(10):61-63. 被引量：6
6徐升华,陈思华.关系数据库系统中基于角色的存取控制[J].计算机与现代化,2005(4):73-76. 被引量：2
7江水.基于角色的存取控制-----RBAC[J].计算机工程,1998,24(10):45-47. 被引量：14
8钟勇.基于可信主体的高可信数据库系统结构设计[J].计算机工程与应用,2004,40(30):181-183. 被引量：1
9Yu Ai-qing,Yu Sheng-sheng,Zhou Jin-li,Guo Hong-xing.C++ Template Data Structure Mappings of ASN.1 of ITU-T X.680 Suitable with PER( X.691) and BER( X.690)[J].Wuhan University Journal of Natural Sciences,2000,5(3):285-288.
10曹弘,张曙光,刘英.基于角色的存取控制及应用[J].计算技术与自动化,2002,21(4):29-33.

Journal of Central South University

2012年第4期

浏览历史

内容加载中请稍等...