期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于角色的域-类型增强访问控制模型研究及其实现 被引量:3

Research and Implementation of Role-Based Domain and Type Enforcement Access Control Model
下载PDF
导出
摘要 安全系统只有能够支持多种安全政策才能满足实际需求 .基于角色的访问控制 (Role BasedAccessCon trol,RBAC)是一种政策中性 (PolicyNeutral)的新模型 ,已经实现了多种安全政策 .域 类型增强 (DomainandTypeEnforce ment,DTE)安全政策充分体现了最小特权 (LeastPrivilege)和职责分离 (SeparationofDuty)的安全原则 ,但是 ,RBAC96不便于直接实现DTE .根据RBAC和DTE的思想 ,本文提出了“基于角色的域 类型增强访问控制”(Role BasedDomainandTypeEnforcementAccessControl,RDTEAC)模型 .该模型继承了RBAC96的优点 ,又体现了DTE的安全思想 ,并易于实现DTE安全政策 .此外 ,我们还在Linux上实现了RDTEAC模型的一个原型 . Only those systems which support multiple security policies can meet practical security requirements. The role-based access control (RBAC) is a new policy-neutral model, which has enforced multiple security policies. The domain and type enforcement security policy fully reflects the security principles of least privilege and separation of duties. According to RBAC and DTE, the role-based domain and type enforcement access control (RDTEAC) model is presented. RDTEAC not only inherits the advantage of RBAC, but also facilitates implementation of DTE security policy. A Linux prototype of RDTEAC was developed.
作者 赵庆松 孙玉芳 张晓平
机构地区 中国科学院软件研究所 山东建筑工程学院
出处 《电子学报》 EI CAS CSCD 北大核心 2003年第6期842-846,共5页 Acta Electronica Sinica
基金 国家 8 63高科技项目 (No 863 30 6 ZD1 2 1 4 2 ) 国家自然科学基金项目 (No 60 0 730 2 2 ) 中国科学院知识创新工程项目 (No KGCX1 0 9)
关键词 信息安全 多安全政策 域-类型增强 基于角色的访问控制 基于角色的域-类型增强访问控制 Computer control Information management Models
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献16

  • 1Butler W Lampson. Requirements and Technology for Computer Securi-ty[R]. Computers at Risk. Washington: Natiunal Academy Press,1991.74- 101.
  • 2C Bidan, V Issarny. Dealing with multi-policy security in large open distributed systems [A] .Proc of 5th European Symposium m Research in Computer Security [ C]. Louvain-la-Neuve, Belgium, Sep. 1998.51-66.
  • 3D E Bell, L J LaPadula. Secure Computer System: Unified Exposition and MULTICS Interpretatica [ R]. Technical Report MTR-2997,rev 1,MITRE Corp, Bedford, Maas, March 1976.
  • 4K J Biba. Integrity Considerations for Secure Computer Systems [R].Technical Report ESD-TR-76-372, ESD/AFSC, Hanscom AFB, Bedford, Mass, 1977. Also MITRE MTR-3153.
  • 5D Clark, D Wilson. A comparisoa oommercial and military computer security policies [A]. Proc of the IEEE Symposium on Security and Privacy [ C ]. Los Alamitos: IEEE Computer Society Press, 1987. 554 -563.
  • 6D Brewer, M Nash.The Chinese Wall security policy [ A ]. Proc of the 1989 IEEE Symposium on Security and Privacy [C]. Oakland,California, USA: IEEE Computer Society Press, May 1989.206 - 214.
  • 7Ravi Sandhu. Role-based access control [ J ]. Advances in Computers,1998,46:237 - 286.
  • 8R Sandhu, Q Munawer. How to do discretionary access using roles[ A]. Proc of the Third ACM Workshop on Role Based Access Cantrol[C]. Barkley, Cincotta, 1998.47 - 54.
  • 9S Osborn. Mandatory access control and role-based access control revisited [A].Proc of the Second ACM Workshop on Role Based Access Control [ C ]. Fairfax, Virginia USA: ACM Press, November 1997.31 -40.
  • 10Qingsong Zhao, Yufang Sun. Configuring role-baaed access control to enforce Chinese Wall policy [ A]. Proc d the Sixth International Conference for Younger Computer Scientists [ C ]. Hang Zhou, China,2001.563 - 568.

同被引文献21

  • 1孙巍,徐学东,徐学军.Java反射机制在可重构Web框架中的应用[J].计算机工程与应用,2005,41(36):92-94. 被引量:11
  • 2张方舟,王东安,李生,秦刚,宋成.采用J2EE安全机制支持RBAC模型的研究和实现[J].计算机工程,2006,32(13):125-127. 被引量:7
  • 3F Ferraiolo,R Sandhu,R Kuhn.Proposed NIST standard for role-based access control[J].ACM Transaction on Information and System Security,2001,4(3):224-274.
  • 4E Bertino,C Bettini.An access control model supporting periodicity constraints and temporal reasoning[J].ACM Transactions on Database Systems,1998,23(3):231-285.
  • 5L GiuRi,P IgLio.A formal model for role-based access control with constrains[A].In the Proceedings of the 9th IEEE Workshop on Computer Security Foundations[C].USA:IEEE Press,1996.136-145.
  • 6Trent Jaeger.On the increasing importance of constraints[A].In the Proceedings of the 4th ACM Workshop on Role-Based Access Control[C].USA:ACM Press,1999.33-42.
  • 7E Bertino,P A Bonatti,E Ferrari.TRBAC:A temporal role-based access control model[J].ACM Transactions on Information and System Security,2001,4(3):58-90.
  • 8S Barker.TRBACN:A Temporal Authorization Model[M].Lecture Notes in Computer Science,Berlin:Springer-verlag Press,2001.
  • 9Sandhu Ravi,Ferraiolo David,Kuhn Richard.NIST model for role-based access control:Towards a unified standard[C].Proceedings of the ACM Workshop on Role-Based Access Control.New York,USA:ACM.2000:47-63.
  • 10Ferraiolo David E Sandhu Ravi,Gavrila Serban,et al.Proposed NIST standard for role-based access control[J].ACM Transactions on Information and System Sccurity,2001,4(3):224-274.

引证文献3

二级引证文献27

电子学报
2003年 第6期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部