期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

协同开发环境中基于角色和属性的访问控制模型 被引量:3

Access control model based on role and attribute in collaborative development environment
下载PDF
导出
摘要 针对协同开发环境的需求,提出基于角色和属性的访问控制模型。该模型定义了客体公共属性和主体组织属性,以适应客体可访问性的动态变化和提高分布式授权的灵活性。为保证显性的角色权限配置,建立了权限的运算规则,以解决基于属性的权限配置分析问题。为保证分布式授权的安全性,采用全局访问控制矩阵限制分布授权。所建立的模型已在协同开发环境中得到应用,验证了所提方法的有效性。 An access control model based on role and attribute was presented for requirement of collaborative development environment, in which the public attributes of objects and organizational attributes of subjects were defined to satisfy the dynamic variable accessibilities of objects and to improve the flexibility of permission assignments. To maintain the explicit role-permission assignments, the permission calculus rules were stipulated so that permission assignments based on attributes could be analyzed. The general access control matrix was used to ensure the security of distributed authorization. The proposed model was applied to a collaborative development environment, and the effectiveness was proved.
作者 李阳 刘更 王海伟
机构地区 西北工业大学机电传动与控制陕西省工程实验室
出处 《计算机集成制造系统》 EI CSCD 北大核心 2014年第6期1335-1341,共7页 Computer Integrated Manufacturing Systems
基金 国家863计划资助项目(2006AA04Z120) 西北工业大学基础研究基金资助项目(JC201209) 高等学校创新引智计划资助项目(B13044)~~
关键词 协同开发环境 访问控制模型 角色 属性 产品开发 collaborative development environment access control role attribute product development
分类号 TH166 [机械工程—机械制造及自动化]
  • 相关文献

参考文献14

  • 1SANDHU R S, COYNE E J, FEITEIN H L, et al. Rolebased access control models[J].IEEE Computer, 1996,29(2) : 38-47.
  • 2American National Standards Institute. International committee for information technology standardsClNCITS)[Z].Rolebased access control. ANSI INCITS Standard 359-2004, New York, N. Y. , USA, American National Standards Institute Inc. ,2004.
  • 3FUCHS L, PERNUL G, SANDHU R S. Roles in information security-a survey and classification of the research area [J].Computer s, Security, 2011, DOl: 10. IOI6/j. cose. 2011. 08.002.
  • 4MATIAS A, MAVRIDIS I, ILIOUDIS C, et al. Dynamic access control administration for collaborative applications] CJ/ / Proceedings of the 10th WSEAS International Conference. Athens, Greece, 2006: 355-360.
  • 5MAVRIDIS I, MATIAS A, PAGKALOS I, et al. Supporting dynamic administration of RBAC in Web-based collaborative applications during run-time[J].Information and Computer Security,2009,2(4) :328-352.
  • 6CRUZ I F, GJOMEMO R, JARZAB G. An interoperation framework for secure collaboration among organizations[C]/ / Proceedings of the 3rd ACM SIGSPATIAL International Workshop. San Jose, Cal. , USA:ACM,2010:4-11.
  • 7LI N H. BYUN J W. BERTINO E. A critique of the ANSI standard on role based access control [J].IEEE Security & Privacy. 2007 .5(6) :41-49.
  • 8FERRAIOLO D. KUHN R. SANDHU R S. RBAC standard ranonals commenrs on "a critique of the ANSI standard on role based access control" [J].IEEE Security & Privacy, 2007.5(6): 51-53.
  • 9KUHN DR. COYNE E J. WElL T R. Adding attributes to role-based access control[J].IEEE Computer. 2010.43(6): 79-81.
  • 10]IN X. SANDHU R. KRISHMAN R. RABAC: role-centric attribute-based access control [C]/ /Proceedings of Computer Network Security: 6th International Conference on Mathematical Methods. Models and Architechtures for Computer Network Security. Berlin. Germany: Springer-Verlag, 2012: 84-96.

二级参考文献17

  • 1裘炅,谭建荣,张树有,马晨华.应用角色访问控制的工作流动态授权模型[J].计算机辅助设计与图形学学报,2004,16(7):992-998. 被引量:16
  • 2R.S. Sandhu, E. J. Coyne, H. L. Feinstein, et al. Role-based access control models. IEEE Computer, 1996, 29(2): 38~47.
  • 3R.S. Sandhu, D. F. Ferraiolo, D. R. Kuhn. The NIST model for role-based access control: Towards a unified standard. In:Proc. the 5th ACM Workshop on Role-Based Access Control.Berlin: ACM Press, 2000. 47~63.
  • 4D.F. Ferraiolo, R. S. Sandhu, S. Gavrila, et al. Proposed NIST standard for role-based access control. ACM Trans.Information and System Security, 2001, 4(3): 224~274.
  • 5M. J. Moyer, M. Ahamad. Generalized role-based access control. In: Proc. the 21st Int'l Conf. Distributed Computing Systems. Phoenix: IEEE Press, 2001. 391~398.
  • 6M.J. Covington, M. J. Moyer, M. Ahamad. Generalized rolebased access control for securing future applications. The 23rd National Information Systems Security Conf., Baltimore, 2000.http://csrc. nist. gov/nissc/2000/proceedings/.
  • 7Department of Defense (DoD) . Trusted Computer System Evaluation Criteria (TCSEC) (DoD 5200.28-STD 1985 ) . Fort Meade, MD: Department of Defense, 1985.
  • 8R.S. Sandhu, Q. Munawer. How to do discretionary access using roles. In: Proc. the Third ACM Workshop on Role Based Access Control. Barkley: ACM Press, 1998. 47~54.
  • 9S Osborn. Mandatory access control and role-based access control revisited. In: Proc. the Second ACM Workshop on Role Based Access Control. Virginia: ACM Press, 1997. 31~40.
  • 10R. S. Sandhu. Role-based access control. Advances in Computers, 1998, 46:237~286.

共引文献28

同被引文献20

  • 1廖旭,张力.产品生命周期管理系统中工作流的访问控制模型[J].计算机集成制造系统,2005,11(10):1367-1371. 被引量:3
  • 2尹建伟,徐争前,冯志林,陈刚,董金祥.增强权限约束支持的基于任务访问控制模型[J].计算机辅助设计与图形学学报,2006,18(1):143-149. 被引量:16
  • 3THOMAS R K, SANDHU R S. Task-based authorization co- ntrols:a family of models :or active and enterprise-oriented authori- zation managementEC://Proceedings of the IFIP WG11.3 Work- sbop on Database Security. London, UK:Chapman:::Holp, 1997.
  • 4JIN X, KRISHNAN R, SANDHU R. A unified attribute- based access control model covering DAC, MAC and Rt3AC:C:// Proceedings of the 26th Annual IFIP WGll. 3 Confer- ence on Data and Applications Security and Privacy. Berlin Germany: Springer-Verlag, 2012.
  • 5SMARI W W, CLEMENTE P, LALANDE J F. An extend- ed attribute based access control model with trust and priva- cy:Application to a collaborative crisis management system [EB/OL:. E2014-11-02:. http://dx, doi. org/10. 1016/j. {u- ture. 2013.05. 010.
  • 6Workflow Management Coalition. The workflow reference model[Z]. WfMC-TC00-1003,1997.
  • 7OASIS, OASIS eXtensible access control markup language (XACML)EZ:. Version 3, 0, 2010.
  • 8SMARI W W, CLEMENTE P, LALANDE J F. An extend- ed attribute based access control model with trust and priva- cy:Application to a collaborative crisis management system [EB/OL]. :2014-11:02]. http,//dx, doi. org/10. 1016/i. {u- ture. 2013.05. 010.
  • 9魏永合,王成恩,罗小川.基于图的工作流访问控制模型[J].计算机集成制造系统,2009,15(5):925-931. 被引量:3
  • 10王小明,付红,张立臣.基于属性的访问控制研究进展[J].电子学报,2010,38(7):1660-1667. 被引量:84

引证文献3

二级引证文献8

计算机集成制造系统
2014年 第6期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部