摘要
针对使用控制模型(UCON)中加入委托功能后安全分析愈加复杂的问题,首先形式化地表达了其子模型——使用前授权(UCONpreA)的委托过程,通过分析证明了一般带有委托功能的UCONpreA模型的安全性是不可确定的,然后通过构造有限状态机的方法证明了一个受约束的带有委托功能的UCONpreA模型的安全性是可确定的,最后利用该约束模型成功地表达了传统的基于角色的委托模型(RBDM0);并进一步增强了UCON的表达能力,能有效保证其安全性。
In order to resolve the problem of safety analysis for Usage Control(UCON) with delegation feature,this article first formalized the delegation process for its one child model,pre-authorization model;the security of a general UCONpreA model with delegation feature was indefinite through analysis,by means of constructing a finite state machine,the security of a constrained UCONpreA model with delegation feature was proved decidable;lastly,the traditional role based on delegation model was simulated successfully using the constrained model.This research further enhances the expression power of UCON,and ensures its safety effectively.
出处
《计算机应用》
CSCD
北大核心
2012年第12期3426-3429,共4页
journal of Computer Applications
基金
国家科技支撑计划项目(2012BAH19F003)