摘要
访问控制管理为维护访问控制策略的安全、一致提供了重要保障。针对现有访问控制管理模型存在指派关系复杂、扩展性差、缺乏对跨域访问管理有效支撑的问题,结合多级跨域系统特性和访问控制管理的细粒度要求,文章提出了多级跨域访问控制管理模型,给出了模型的基本元素、元素关系、约束条件和管理规则。与现有研究相比,该模型具有良好的可扩展性,支持细粒度的管理操作,能够有效支撑多级跨域环境下安全、统一的访问控制管理。
The technologies of access control administration provide security and consistency to access control policies. Aiming at the problems of complex assignment, scalability and lacking of effective support for cross-domain access management of exsisting models, this paper proposes a multi-level&inter-domain access control administrative model (ML-IDACAM) by combining the characteristics of multi-level&inter-domain system and the ifne-grained need of access control administration, bringing forward the model’s basic elements, element relationships, constraints and administration rules. Compared with related works, the ML-IDACAM model which has good expansibility and ifne-grained operation can support secure and centralized access control administration.
出处
《信息网络安全》
2014年第2期1-6,共6页
Netinfo Security
基金
国家"973"重点基础研究发展计划[2011CB311801]
国家"863"高技术研究发展计划[2012AA012704]
关键词
多级跨域
访问控制管理
细程度
multi-level and inter-domain
access control administration
ifne-gramed
