期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于岗位映射的应急组织间跨域访问控制研究 被引量:1

Study of Cross-domain Access Control Among Emergency Organizations Based on Position-mapping
下载PDF
导出
摘要 突发事件由于其自身特点,需要多组织、多部门来完成相应的应对、协调、善后等应急管理活动,但当前基于RBAC模型的应急组织间跨域访问控制,存在权限循环继承冲突、职责分离冲突和异构冲突等安全问题。通过总结应急管理系统的实际开发经验,从组织管理的岗位出发,提出基于岗位映射的应急组织间跨域访问控制机制。在分析应急组织间跨域访问控制机制具体实现流程的基础上,讨论其如何有效解决上述安全冲突问题,并结合某市应急管理平台的实际处理流程,验证了该机制的正确性和可行性。 Due to its characteristics, the emergency management needs a great deal of inter-operation and coordination in a multi-domain environment. But the current solution that based on the Role-based Access Control(RBAC) induces the following security conflicts, which are cyclic inheritance, separation of duties and modality conflicts. Through a large number of experiences in developing emergency management information systems, this paper uses the method of organizational management and proposes a multi-domain access control mechanism based on the position. Via the analysis of the specific implementation process, it focuses on the resolution to deal with the security conflict problems, and combining with the practical application case to test and verify its correctness and feasibility.
作者 彭友 宋艳 鞠航 王延章
机构地区 哈尔滨工程大学经济管理学院 大连理工大学信息技术与决策支持研究所
出处 《计算机工程》 CAS CSCD 2014年第6期104-108,114,共6页 Computer Engineering
基金 国家自然科学基金资助重点项目(91024029) 中国博士后基金资助面上项目(2013M540273)
关键词 应急管理 跨域访问控制 岗位映射 多域 权限管理 信息安全 emergency management cross-domain access control position-mapping multi-domain authorization management information security
分类号 TP311 [自动化与计算机技术—计算机软件与理论]
  • 相关文献

参考文献12

  • 1Shafiq B, Joshi J B D, Bertino E. Secure Interoperation in a Multi-domain Environment Employing RBAC Policies[J]. IEEE Transactions on Knowledge and Data Engineering, 2005, 17(11): 1557-1577.
  • 2Bonatti P A, Sapino M L, Subrahmanian V S. Merging Heterogeneous Security Orderings[C]//Proc. of ESORICS’96. Berlin, Germany: Springer, 1996: 183-197.
  • 3Bonatti P, Vimercati S D C, Samarati P. An Algebra for Composing Access Control Policies[J]. ACM Transactions on Information and System Security, 2002, 5(1): 1-35.
  • 4Dawson S, Qian S, Samarati P. Providing Security and Inter- operation of Heterogeneous Systems[J]. Distributed and Parallel Databases, 2000, 8(1): 119-145.
  • 5Liu S Y, Huang H J. Role-based Access Control for Distributed Cooperation Environment[C]//Proc. of 2009 International Conference on Computational Intelligence and Security. Beijing, China: [s. n.], 2009: 455-459.
  • 6Ma Mingchao. Constraint-enabled Distributed RBAC for Subscription-based Remote Network Services[C]// Proc. of the 6th IEEE International Conference on Computer and Information Technology. [S. l.]: IEEE Press, 2006: 160-165.
  • 7Kapadia A, Al-Muhtadi J. IRBAC2000: Secure Interopera- bility Using Dynamic Role Translation[C]//Proc. of Interna- tional Conference on Internet Computing. Chicago, USA: [s. n.], 2000.
  • 8刘猛,王轩,黄荷娇,赵海楠,张加佳.基于Petri网的IRBAC 2000域间动态转换SMER约束违反检测[J].计算机研究与发展,2012,49(9):1991-1998. 被引量:3
  • 9廖俊国,洪帆,朱贤,肖海军.多域间动态角色转换的职责分离[J].计算机研究与发展,2006,43(6):1065-1070. 被引量:14
  • 10Li Ninghui, Bizri Z, Tripunitara M V. On Mutually-exclusively Roles and Separation of Duty[C]//Proc. of the 11th ACM Conference on Computer and Communications Security. New York, USA: ACM Press, 2004: 42-51.

二级参考文献27

  • 1廖俊国,洪帆,朱贤,肖海军.多域间动态角色转换的职责分离[J].计算机研究与发展,2006,43(6):1065-1070. 被引量:14
  • 2Apu Kapadia, Jalal AI-Muhtadi, R. Campbell, et al. IRBAC 2000: Secure interoperability using dynamic role translation.University of Illinois, Technical Report: UIUCDCS-R-2000-2162, 2000
  • 3Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein, et al.Role-based access control models. IEEE Computer, 1996, 29(2):38-47
  • 4G, Malkin, Internet users'glossary. IETF RFC 1983. http://www. faqs. org/rfcs/rfc1983.html, 1996
  • 5D. F. Ferraiolo, R. S. Sandhu, S. Gavrila, et al. Proposed NIST standard for role-based access control. ACM Trans.Information and Systems Security, 2001, 4(3): 224-274
  • 6J, Crampton. Specifying and enforcing constraints in role-based access control. In: Proc, 8th ACM Symposium on Access Control Models and Technologies. New York: ACM Press, 2003. 43-50
  • 7Ninghui Li, Ziad Bizri, Mahesh V. Tripunitara. On mutually-exclusive roles and separation of duty. In: Proc. 11th Conf.Computer and Communications Security. New York: ACM Press,2004. 42-51
  • 8Ravi Sandhu, Qamar Munawer. The ARBAC99 model for administration of roles. In: Proc. 15th Annual Computer Security Applications Conference. Los Alamitos, CA: IEEE Computer Society Press, 1999. 229-239
  • 9Ravi Sandhu, Venkata Bhamidipati, Qamar Munawer. The ARBAC97 model for role-based administration of roles. ACM Trans. Information and System Security, 1999, 2 ( 1 ) : 105 - 135
  • 10Li Gong, Qian Xiaolei. Computational issues in secure interoperation ~Jl. IEEE Trans on Software Engineering, 1996, 22(1): 43-52

共引文献18

同被引文献5

引证文献1

计算机工程
2014年 第6期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部