摘要
在PBDM授权代理模型的基础上,提出一种新的授权代理模型PBDM-P,将角色划分为常规角色、私有角色和临时代理角色,将权限划分为可代理权限和不可代理权限.PBDM-P通过划分角色和权限实现了用户-用户授权代理、角色-角色授权代理,从而有效解决了角色名空间爆炸和空角色等问题,保证了系统的安全访问,使授权代理更灵活.
The authors introduced a new delegation model based on the permission-based delegation model (PBDM). The roles are divided into three sets, which include regular roles, private roles and delegation roles. The permissions are divides into two sets, which include delegatable permissions and un-delegatable permissions. This new model supports user-to-user and role-to-role delegation, effectively avoids some problems such as name space explosion and void roles, ensures the safety of access to the system, and makes the delegation more flexible.
出处
《吉林大学学报(理学版)》
CAS
CSCD
北大核心
2012年第5期1007-1010,共4页
Journal of Jilin University:Science Edition
基金
国家自然科学基金(批准号:60973041)
关键词
授权代理
角色
权限
delegation
role
permission