期刊文献+

RBAC模型分析及其在农业管理系统中的应用

下载PDF
导出
摘要 针对复杂系统中因角色数量多,用户职责属性经常动态改变等导致访问控制的复杂性问题,本文首先分析了访问控制理论。该理论在充分考虑用户组织形式与授权关系基础上,以用户分组信息为角色分配主体,同时增加信息系统中资源访问操作的权限。然后改进了RBAC模型,对其模块进行了相应的优化操作,用Yii框架进行实现,提供了一个可扩展、多层次及可定制的安全体系来为应用开发提供安全机制。最后基于访问控制机制的有效性,设计了一个农业智能管理系统。有效解决了农业智能系统中角色复杂,不同模块之间操作权限,数据安全性的问题。分析表明该模型具有授权粒度细,可伸缩性,可扩展性,安全性等优点。
作者 房亚飞
出处 《福建电脑》 2018年第2期137-140,共4页 Journal of Fujian Computer
  • 引文网络
  • 相关文献

参考文献1

二级参考文献18

  • 1Cranor L F. Platform for privacy preferences (p3p)[M]//Ency- clopedia of Cryptography and Security. Springer US, 2011..940- 941.
  • 2Ashley P, Hada S, Karjoth G, et al. Enterprise privacy authori- zation language (EPAL 1,2)[Z]. Submission to W3C, 2003.
  • 3Ni Q, Bertino E, Lobo J, et al. Privacy-aware role-based access control[J]. ACM Transactions on Information and System Secu- rity (TISSEC) ,2010,13(3) .,24.
  • 4Ardagna C A, Cremonini M, De Capitani di Vimercati S, et al. A privacy-aware access control system[J]. Journal of Computer Security, 2008,16 (4) : 369-397.
  • 5Ardagna C A,Damiani E,di Vimercati S D C,et al. Towards pri- vacy-enhanced authorization policies and languages[M]//Data and Applications Security XIX. Springer Berlin Heidelberg, 2005.. 16-27.
  • 6Kolter J,Schillinger R, Pernul G. A privacy-enhanced attribute- based access control system[C]//Proc, of the 21st Annual IFIP WG 11.3 Working Conference on Data and Applications Securi- ty. Edondo Beach, CA, USA, July 2007.
  • 7Ferraiolo D F, Sandhu R, Gavrila S, et al. Proposed NIST stan- dard for role-based access control[J]. ACM Transactions on In- formation and System Security (TISSEC), 2001,4(3) : 224-274.
  • 8Ferraiolo D, Cugini J, Kuhn D R. Role-based access control (RBAC) : Features and motivations [C] // Proceedings of llth Annual Computer Security Application Conferenc, 1995.,241-248.
  • 9Anderson A. A comparison of two privacy policy languages:EP- AL and XACML[C]//Proceedings of the 3rd ACM Workshop on Secure Web Service. 2005.
  • 10Ardagna C A,Cremonini M,De Capitani di Vimercati S,et al. A privacy-aware access control system[J]. Journal of Computer Security, 2008,16(4) :369-397.

共引文献7

相关主题

;
使用帮助 返回顶部