摘要
目前多数访问控制主要解决应用后台的数据保护问题 ,不适合大型复杂的多用户分布式应用 .已有的基于角色访问控制模型忽视了激活角色的动态性质 .对象技术已成为应用系统开发的主流方法 ,但仍缺乏一种通用的访问控制机制 .针对大型应用的安全性设计特点 ,文中提供一个一般性的基于角色实现访问控制的对象式模型 ,提出角色登台 (Role- Playing)以实现特定语境中激活角色的动态特征 .针对分布式交互式应用的控制效率问题 ,给出该模型的一种实现 。
Majority of access control models mainly deal with data protection at the back end of applications at present. However, they were not applicable for large and complex multi user distributed applications. The existing models of Role based Access Control neglect the dynamic features of activated roles. Though object technology has turned into mainstream approaches for application development, it still lacks a general access control mechanism. This paper proposes a general object model of access control based on role for large application security design. Role Playing is introduced to implement the dynamic features of activated roles in particular context. To improve control efficiency of distributed and interactive applications, an implementation method of the model is presented and practiced in application systems development.
出处
《计算机学报》
EI
CSCD
北大核心
2000年第10期1064-1071,共8页
Chinese Journal of Computers
基金
国家"八六三"高技术研究发展计划!(86 3 -3 0 6 -ZD-10 -2 9)
国家自然科学基金!(6 9973 0 2 0 )
关键词
访问控制
角色
面向对象
建模
数据保护
access control, model, role, object oriented, security management
