摘要
通过分析RBAC模型结构,提出并设计实现了统计管理系统中数据库安全访问控制的新方法。角色定义遵循最大基数约束和职责分离两个原则,有效控制了较大权利访问控制权限的分配,且减少了欺骗行为的发生概率;通过构建多种安全员角色和存储过程实现了安全控制的细化管理。系统的正常运行表明,基于该方法的WEB_TJ系统是安全可靠的。
A novel method for designing and implementing database safe access control in a statistic management system is proposed on the basis of analyzing RBAC model. The definition of roles must be on two principles that are the maximal cardinal number constraint and separateness of duty and responsibility, and the assignment of too much access control right has been controlled efficiently, and the probability of deceiving behavior has been reduced. The detailed management of safe controlling has been implemented through building many roles of safety manager and storage procedures. The normal operating of the WEB_TJ shows that the system based on the method is safe and reliable.
出处
《河南科技大学学报(自然科学版)》
CAS
2003年第3期68-71,共4页
Journal of Henan University of Science And Technology:Natural Science
基金
河南省自然科学基金资助项目(994060900)
关键词
RBAC模型
数据库
安全访问控制
访问权
网络
Distributed database system
Rolebased access control
Information table
