期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于角色的带时限的转授权与撤销模型

Temporal Role-based Delegation and Revocation Model
下载PDF
导出
摘要 当前基于角色的访问控制系统完全依赖于管理者的集中管理方式,不能够满足分布式环境下的系统管理的需求,基于角色的转授权模型更适于分布式环境的授权管理。但是,目前已有的转授权模型的研究都仅限于基于常规角色的转授权与撤销,并且没有详细地讨论带时限的转授权与撤销的机制。本文将时间因素引入到转授权模型当中,同时在基于角色的管理模型的研究基础之上所扩展的模型称作基于角色的带时限的转授权与撤销模型(Temporal Role-hased Delegation and Revocation Model,TRDRM)。TRDRM在支持常规角色的转授权与撤销的同时,也支持管理角色的转授权与撤销,是集中管理方式和分布式管理方式的有效结合,满足了协同工作的需要。 Role-based Access Control is an enabling technology for managing and enforcing security in large-scale and enterprise -wide systems.Researchers have proposed many enhancements of RBAC models in the past decade, and delegation is an important factor for secure distributed computing environment.Delegation models with capabilities to process temporal information are powerful.RDM (Role-based Delegation Model) and TRDM (Temporal Role-based Delegation Model)are recently published delegation models focused on regular role delegation.This paper presents a Temporal Role-based Delegation and Revocation Model called TRDRM based on both RDM and TRDM.TRDRM not only supports regular role delegation and revocation, but also supports administrative role delegation and revocation.It is an effective way to build bridge between central management and distributed management.A prototype implementation of TRDRM is presented in the last part of this paper.It is the first step to incorporate TRDRM into the Collaborative Work Platform Systems.
作者 冀高峰 汤庸 易盛 刘晓玲 陈朋
机构地区 中山大学 计算机科学系
出处 《计算机工程与应用》 CSCD 北大核心 2006年第A01期11-15,共5页 Computer Engineering and Applications
基金 国家自然科学基金资助项目(60373081 60673135) 广东省科学技术基金资助项目(04105503 05200302 5003348) 教育部"新世纪优秀人才支持计划"资助项目。
关键词 访问控制 转授权 时限 管理角色 access control delegation temporal administrative role
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献1

二级参考文献17

  • 1Ravi S Sandhu.Future directions in role-based access control models.Mathematical Methods,Models and Architectures for Computer Networks Security,St Petersburg,2001
  • 2Ravi S Sandhu,Edward J Coyne,Hal L Feinstein,et al.Role-based access control models.IEEE Computer,1996,29(2):38~47
  • 3Sylvia L Osborn,Ravi S Sandhu,Qamar Munawer.Configuring role-based access control to enforce mandatory and discretionary access control policies.ACM Trans on Information and System Security,2000,3(2):85~106
  • 4Gail-Joon Ahn,Ravi S Sandhu.The RSL99 language for role-based separation of duty constraints.ACM Workshop on Role-Based Access Control,Fairfax,Virginia,USA,1999
  • 5Ravi S Sandhu,Venkata Bhamidipati,Qamar Munawer.The ARBAC97 model for role-based administration of roles.ACM Trans on Information and System Security,1999,2(1):105~135
  • 6David F Ferraiolo,Ravi Sandhu.A proposed standard for role-based access control.ACM Trans on Information and System Security,2001,4(3):25~29
  • 7Sun Microsystems Company.Trusted Solaris Operating Environment.http://wwws.sun.com/software/solaris/trustedsolaris/features.html,2003
  • 8LouAnna Notargiacomo.Role-based access control in Oracle 7 and trusted Oracle 7.The 1st ACM Workshop on Role-Based Access Control,Gaithersburg,Maryland,United States,1995
  • 9Joon S Park,Ravi S Sandhu.RBAC on the Web by smart certificates.In:Proc of the 4th ACM Workshop on Role-Based Access Control.New York:ACM Press,1999.1~9
  • 10Joon S Park,Ravi S Sandhu,SreeLatha Ghanta.RBAC on the Web by Secure Cookies.International Federation for Information Processing the 13th Int'l Conf on Database Security,Deventer,Washington,1999

共引文献25

计算机工程与应用
2006年 第A01期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部