期刊文献+

基于PBDM划分权限的授权代理模型

Delegation Model Based on PBDM and Permissions Division
下载PDF
导出
摘要 在PBDM授权代理模型的基础上,提出一种新的授权代理模型PBDM-P,将角色划分为常规角色、私有角色和临时代理角色,将权限划分为可代理权限和不可代理权限.PBDM-P通过划分角色和权限实现了用户-用户授权代理、角色-角色授权代理,从而有效解决了角色名空间爆炸和空角色等问题,保证了系统的安全访问,使授权代理更灵活. The authors introduced a new delegation model based on the permission-based delegation model (PBDM). The roles are divided into three sets, which include regular roles, private roles and delegation roles. The permissions are divides into two sets, which include delegatable permissions and un-delegatable permissions. This new model supports user-to-user and role-to-role delegation, effectively avoids some problems such as name space explosion and void roles, ensures the safety of access to the system, and makes the delegation more flexible.
出处 《吉林大学学报(理学版)》 CAS CSCD 北大核心 2012年第5期1007-1010,共4页 Journal of Jilin University:Science Edition
基金 国家自然科学基金(批准号:60973041)
关键词 授权代理 角色 权限 delegation role permission
  • 相关文献

参考文献9

  • 1Sandhu R S, Coyne E J, Feinstein H L, et al. Role-Based Access Control Models [J]. IEEE Computer, 1996, 29(2) : 38-47.
  • 2Barka E S, Sandhu R. Framework for Role-Based Delegation Model [ C]//Proceedings of the 16th Annual Computer Security Applications Conference. Washington DC: IEEE Computer Society, 2000: 168-176.
  • 3ZHANG Xin-wen, Oh S, Sandhu R. PBDM : A Flexible Delegation Model in RBAC [ C ]//Proceeding of the 8th Symposium on Access Control Models and Technologies. New York: ACM Press, 2003: 149-157.
  • 4Barka E, Sandhu R. A Role-Based Delegation Model and Some Extensions [ C]//Proceeding of 23rd National Information Systems Security Conference. Baltimore : [ s. n. ] , 2000 : 101-114.
  • 5ZHANG Long-hua, Ahn G J, Chu B T. A Rule-Based Framework for Role-Based Delegation [ C]//Proceedings of the 6th ACM Symposium on Access Control Models and Technologies. New York: ACM Press, 2001: 153-162.
  • 6Sandhu R, Ferraiolo D, Kuhn R. The NIST Model for Role-Based Access Control: Towards a Unified Standard [ C 1// Proceedings of 5th ACM Workshop on Role-Based Access Control. New York: ACM, 2000: 47-63.
  • 7张健,孙吉贵,李妮娅,胡成全,钱云.工作流中一个基于加权角色的权限代理模型[J].吉林大学学报(工学版),2009,39(4):1057-1063. 被引量:3
  • 8孙为群,单保华,张程,刘晨.一种基于角色代理的服务网格虚拟组织访问控制模型[J].计算机学报,2006,29(7):1199-1208. 被引量:16
  • 9董光宇,卿斯汉,刘克龙.带时间特性的角色授权约束[J].软件学报,2002,13(8):1521-1527. 被引量:51

二级参考文献23

  • 1孙波,赵庆松,孙玉芳.TRDM——具有时限的基于角色的转授权模型[J].计算机研究与发展,2004,41(7):1104-1109. 被引量:26
  • 2[1]Sandhu, R. Issues in RBAC . In: Proceedings of the ACM RBAC Workshop. MD: ACM Press, 1996. 21~24.
  • 3[2]Jaeger, T. On the increasing importance of constraints. In: Proceedings of 4th ACM Workshop on Role-Based Access Control. Fairefax, VA: ACM Press, 1999. 33~42.
  • 4[3]Ahn, G.-J. The RCL2000 language for specifying role-based authorization constraints [Ph.D. Thesis]. Fairfax, VA: George Mason University, 1999.
  • 5[4]Sandhu, R., Coyne, E.J., Feinstein, H.L., et al. Role-Based access control models. IEEE Computer, 1995,29(2):38~47.
  • 6[5]Chen, Fang, Sandhu, R. Constraints for role-based access control. In: Proceedings of the ACM RBAC Workshop. MD: ACM Press, 1996. 39~46.
  • 7Foster I.,Kesselman C.,Tuecke S..The anatomy of the grid.International Journal of High performance Computing Applications,2001,15(3):200~222
  • 8俞坚,韩燕波.面向服务的计算--原理及应用.北京:清华大学出版社,2006
  • 9Han Y.,Geng H.,Li H.et al.VINCA-A visual and personalized business-level composition language for chaining Web-based services.In:Proceedings of the 1st International Conference on Service-Oriented Computing,Trento,Italy,2003,165~177
  • 10Foster I.,Kesselman C.,Pearlman L.,Tuecke S.,Welch V..The community authorization service:Status and future.In:Proceedings of the Computing in High Energy Physics,La Jolla,California,USA,2003

共引文献65

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部