摘要
为了解决信息系统访问控制在实际应用中暴露出的授权繁琐、权限控制粒度不足等问题,提出一种改进的RBAC模型;该模型通过增加访问主体的组成粒度并应用面向对象的建模技术对模型中客体对象进行建模描述,提高了系统授权效率并实现了数据级的权限控制;最后给出了该模型的形式化描述和控制算法,并通过在CAPP系统的应用实例验证了该模型的有效性。
To solve the cumbersome authorization, lack of fine--grained access control and such problems which exposed in practical ap- plications of the information system access control, an improved RBAC model was proposed. The model improved the efficiency of the sys- tem authorized and realized data--level access control by increasing the granularity of access subject and applying object--oriented modeling techniques to model access object. At last, a formal description of the model as well as a control algorithm were presented, and an applica- tion of CAPP system example was provided to verify the effectiveness of the model
出处
《计算机测量与控制》
CSCD
北大核心
2012年第8期2146-2148,共3页
Computer Measurement &Control
