摘要
基于角色的访问控制(RBAC,Role-Based Access Control)凭借其授权的灵活性以及模型的可靠性被电力信息系统广泛采用。但随着智能采集设备的日渐普及,电力系统规模的不断扩大,再加上电力信息系统较于传统信息系统对资源安全性要求更高,传统RBAC模型应用在电力信息系统中的安全问题(如权限滥用等)日益暴露。针对传统RBAC模型的不足,文章提出一种安全性优化的RBAC模型,引入了监察组SG(Supervise Group)概念以及重要权限监察、层级代理机制,并设计了SG的生成算法和优化模型的流程、伪代码。经实例验证,优化的算法有效地对敏感权限进行了合理的监察,在满足电力信息系统功能的同时加强了系统的安全性。
Role-Based Access Control(RBAC)have been adopted bythe electric power informationsystem rely on its reliable security and fl exibility of authorization.But due to the popularization andexpansion of Intelligent acquisition equipment and the electrical powersystem,combined with thestricter security requirement of electrical informationsystem,the security issues exposed when thetraditional RBAC model be applied to the electric power information system.This paper put forwarda kind of safety optimized RBAC model.In this model,we import the concept of SG(SuperviseGroup)and the machine-made of the supervision of sensitive permission to expand the traditionalRBAC in safety fi eld.In this paper,the generating algorithm of SG and the pseudo code,fl ow chartof the optimized model is also be given.An example is given to show that the proposed algorithmcan effectively supervise the sensitive permission and enhance the security of the electric powerinformation system while satis-fying the function of it.
作者
顾春华
高远
田秀霞
GU Chunhua;GAO Yuan;TIAN Xiuxia(Institute of Computer Science and Technology, Shanghai University of Electric Power, Shanghai 200082, China)
出处
《信息网络安全》
CSCD
2017年第5期74-79,共6页
Netinfo Security
基金
国家自然科学基金[61532012]
上海市科委地方能力建设项目[15110500700]
