
Security Analysis on GTRBAC Model and Its Improvement
Abstract: Bertino et al. proposed TRBAC (Temporal Role-based Access Control), an RBAC model with temporal constraints. The model supports periodic control of a role's valid state, and a role's state can also be changed by real-time requests for role events. Joshi et al. extended TRBAC and proposed a new temporal RBAC model, GTRBAC (Generalized Temporal Role-based Access Control). GTRBAC adds periodic and duration constraints on user-role and role-permission assignments, as well as duration and cardinality constraints on role activation. This paper first analyses the security of the GTRBAC model and points out that the sufficient condition for GTRBAC model security given by Joshi is incomplete. It then analyses the cause and presents a complete definition of the sufficient condition that guarantees the security of the model.
Authors: 刘猛, 王轩
Source: Computer Applications and Software (《计算机应用与软件》), CSCD, Peking University Core Journal (北大核心), 2012, No. 10, pp. 300-303 (4 pages)
Keywords: Role-based access control; Time constraints; Dependent trigger; Event; Security

References (11)

  • 1 Sandhu R, Coyne E J, Feinstein H L, et al. Role-Based Access Control Models[J]. IEEE Computer, 1996, 29(2): 38-47.
  • 2 Ferraiolo D F, Sandhu R, Gavrila S, et al. Proposed NIST standard for role-based access control[J]. ACM Transactions on Information and System Security, 2001, 4(3): 224-274.
  • 3 ANSI INCITS 359-2004 Role-Based Access Control[S]. American National Standard for Information Technology, 2004.
  • 4 Sandhu R, Bhamidipati V. The ASCAA Principles for Next-Generation Role-Based Access Control[C] // Proceedings of the 3rd International Conference on Availability, Reliability and Security (ARES), 2008: xxvii-xxxii.
  • 5 Mühlbacher J R, Praher C. DS RBAC-Dynamic Sessions in Role Based Access Control[J]. Journal of Universal Computer Science, 2009, 15(3): 538-554.
  • 6 Hansen F, Oleshchuk V. SRBAC: A Spatial Role-Based Access Control Model for Mobile Systems[C] // Proceedings of the Nordsec 2003, 2003: 129-141.
  • 7 Bertino E, Catania B, Damiani M L, et al. GEO-RBAC: a spatially aware RBAC[C] // Proceedings of the tenth ACM symposium on Access control models and technologies (SACMAT'05), 2005: 29-37.
  • 8 Damiani M L, Bertino E, Perlasca P. Data security in location-aware applications: an approach based on RBAC[J]. International Journal of Information and Computer Security, 2007, 1(1/2): 5-38.
  • 9 Kim Y, Lim J. Dynamic Activation of Role on RBAC for Ubiquitous Applications[C] // Proceedings of the 2007 International Conference on Convergence Information Technology (ICCIT'07), 2007: 1148-1153.
  • 10 Bertino E, Bonatti P A, Ferrari E. TRBAC: A temporal role-based access control model[J]. ACM Transactions on Information and System Security, 2001, 4(3): 191-233.
