摘要
针对电力调度自动化系统对访问控制的要求和基于角色的访问控制模型存在的缺陷,提出了一种基于可信度的角色访问控制模型。将用户身份可信与行为可信相结合,根据用户身份认证过程中捕获到的隐含信息,借助人工智能不确定性推理理论计算用户的可信度,并将可信度参与用户授权。对角色、权限分别设置可信度激活阈值,用户必须通过角色、权限的可信激活约束才能获得相应的权限。该模型能实现灵活的系统授权,保证了用户对系统资源安全访问,很好地适用于现有的电力调度自动化系统。
By referring to the requests of access control in the power dispatching automation system and the defects of the role- based access control model, a new credibility-based role access control model is proposed. It combines the user behavior trust with identity trust. With user login implied information captured in the process of user authentication, the uncertainty reasoning theory of artificial intelligence is used to calculate the user's credibility, which then participates in the user authorization. The credibility active threshold to roles and permissions is set, and the user can not get their deserved permissions unless they can satisfy the credible active constraints for roles and permissions. A flexible system delegation can be realized to ensure a safe user access to system resource, making this model well applied to the existing power dispatching automation system
出处
《电力系统自动化》
EI
CSCD
北大核心
2012年第12期76-81,115,共7页
Automation of Electric Power Systems
基金
河北省高等学校科学研究计划资助项目(Z2010290)~~
关键词
调度自动化系统
角色访问控制模型
可信度
授权
dispatching automation system
role-based access control (RBAC) model
credibility
delegation
