摘要
针对著名的 RBAC96模型的不足之处 ,结合私有权限、部门权限和权限属性变化等问题 ,对角色权限及角色层次关系进行了分析 ,提出了一个改进的角色层次化关系模型 .该模型引入特征权限等概念 ,通过定义一般继承、私有化继承、公有化继承和无特征继承等新的角色继承方式建立角色层次化关系模型 .新模型比 RBAC96模型更加简化和易于理解 ,且具有更强的可伸缩性 ,特别适合于在复杂的角色层次关系中应用 ,例如网络操作系统、大型数据库、分布式应用等 .
Combined with the issues of private permissions, department permissions and changes of permission types, subjects of role permissions and role hierarchies are analyzed in more depth and an improved role hierarchy model for role based access control (RBAC) is introduced against the imperfections of the famous RBAC96 model. Some new concepts such as special permissions are presented in the model. Concepts like normal inheritance, privatizing inheritance, publicizing inheritance and special-without inheritance are defined, thus a new role hierarchy model is formulated. It is simpler and more comprehensible to describe the same role relationships in the improved model when compared with RBAC96. It is more flexible, and more suitable to be used in large-scale role hierarchies such as operating systems, DBMS, distributed applications, etc.
出处
《北京理工大学学报》
EI
CAS
CSCD
北大核心
2002年第5期611-614,共4页
Transactions of Beijing Institute of Technology
基金
北京市质量技术监督局信息化建设专项资金资助项目
