期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

属性RBAC策略的OWL表示和推理 被引量:1

Attributive-based RBAC policy representation and reasoning using OWL
下载PDF
导出
摘要 将属性作为授权约束,给出了属性扩展的RBAC模型。提出了一种基于OWL的属性RBAC策略定义和表示方法。该方法支持复杂属性表达式、属性值偏序关系、角色层次关系和约束的定义;在推理机的支持下,可以执行访问控制决策推理,属性表达式支配关系判定和策略知识一致性检测。具体应用案例说明了该方法的可行性。 Treating attribute as authorization constraints, an extended model of RBAC with attributes is proposed. An OWL-based policy representation method of attributive-based RBAC model is presented, in which complex attribute expressions, partial ordering relations between attribute values, role hierarchies, and constraints can be explicitly defined.Access control decisions, dominance relations between attribute expressions, and consistency of policy information can be drawn via an OWL reasoner. A study case is presented to show the feasibility of the method.
作者 陶勇 汪成亮
机构地区 重庆大学计算机学院
出处 《计算机工程与应用》 CSCD 2014年第19期66-69,88,共5页 Computer Engineering and Applications
基金 国家自然科学基金(No.61004112)
关键词 基于角色的访问控制(RBAC) 属性表达式 Web本体语言(OWL) 推理 Role Based Access Control(RBAC) attribute expression Web Ontology Language(OWL) reasoning
分类号 TP309.2 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献18

  • 1Sandhu R S,Coyne E J,Feinstein H L,et al.Role-based access control models[J].IEEE Computer,1996,29(2):38-47.
  • 2ANSI INCITS 359-2004 American national standard for information technology-role based access control[S].2004.
  • 3Kuhn D R,Coyne E J,Weil T R.Adding attributes to role based access control[J].IEEE Computer,2010,43(6):79-81.
  • 4Al-kahtani M A,Sandhu R.A model for attribute-based user-role assignment[C]//Proceedings of the 18th Annual Computer Security Applications Conference.Las Vegas,Nevada,USA:IEEE Press,2002:353-362.
  • 5Al-kahtani M A,Sandhu R.Induced role hierarchies with attribute-based RBAC[C]//Proceedings of the 8th ACM Symposium on Access Control Models and Technologies.Villa Gallia,Italy:ACM Press,2003:142-148.
  • 6叶春晓,钟将,冯永.Attribute-based access control policy specification language[J].Journal of Southeast University(English Edition),2008,24(3):260-263. 被引量:6
  • 7叶春晓,李忠祎,胡海波,向宏.基于角色访问控制授权约束条件的生成方法[J].计算机工程,2011,37(1):154-155. 被引量:4
  • 8Rissanen E,Axiomatics A B.XACML v3.0 core and hierarchical Role Based Access Control(RBAC)profile v1.0[EB/OL].(2010-8-10)[2011-12-10].http://docs.oasisopen.org/xacml/3.0/xacml-3.0-rbac-v1-spec-cs-01-en.pdf.
  • 9Barker S.Data protection by logic programming[C]//Proceedings of the 1st International Conference on Computational Logic.Berlin:Springer-Verlag,2000:1300-1314.
  • 10Zhao C,Heilili N,Liu S,et al.Representation and reasoning on rbac:a description logic approach[C]//Proceedings of the 2nd International Conference on Theoretical Aspects of Computing.Berlin:Springer-Verlag,2005,3722:381-393.

二级参考文献22

  • 1叶春晓,吴中福,符云清,钟将,冯永.基于属性的扩展委托模型[J].计算机研究与发展,2006,43(6):1050-1057. 被引量:17
  • 2Sandhu R, Coyne E, Feinstein H, et al, Role-Based Access Control Models[J]. IEEE Computer, 1996, 29(2): 38-47.
  • 3Zhang Dana, Ramamohanarao K, Ebringer T. Role Engineering Using Graph Optimization[C]//Proceedings of the 12th ACM Symposium on Access Control Models and Technologies. Sophia Antipolis, France: [s. n.], 2007: 139-144.
  • 4Al-Kahtani M A, Sandhu R. A Model for Attribute-based User-role Assignment[C]//Proceedings of the 18th Annual Computer Security Applications Conference. Las Vegas, Nevada, USA: IEEE Press, 2002:353-362.
  • 5Strembeck M, Neumann G. An Integrated Approach to Engineer and Enforce Context Constraints in RBAC Environments[J]. ACM Trans. on Information and System Security, 2004, 7(3): 392-427.
  • 6Uszok A, Bradshaw J, Jeffers R, et al. KAoS Policy Management for Semantic Web Services. IEEE Intelligent Systems,2004, 19(4): 32-41
  • 7Baader F, Nutt W. Basic Description Logics. In: the Description Logic Handbook, F. Baader, D. Calvanese, D.L. McGuinness,et al,eds. Cambridge University Press, 2002. 47-100
  • 8Horrocks I, Patel-Schneider P F, Boley H, et al. SWRL: A semantic Web rule language combining owl and ruleml. W3C Member Submission, 21 May 2004. Available at: http://www. w3.org/Submission/SWRL/
  • 9Damianou N, et al. The Ponder Policy Specification Language.In: Proc. Policy 2001, Workshop on Policies for Distributed Systems and Networks, Bristol, UK, Jan. 2001. 18-39
  • 10Koch M, Mancini LV, Parisi-Presicce F. A graph-based formalism for rbac. ACM Transactions on Information and System Security (TISSEC), 2002. 332-365

共引文献15

同被引文献1

引证文献1

二级引证文献2

计算机工程与应用
2014年 第19期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部