摘要
对典型的基于角色的访问控制模型(RBAC)作了扩展,研究了如何从现实世界获取有用信息来构造RBAC、如何实施RBAC、如何进行安全管理等问题.提出了实施RBAC的安全管理系统的三层体系结构,并给出了在三层体系结构上实施RBAC的方法.通过把网络作为一个整体,在安全管理系统中实现了基于角色的访问控制,以及实现了跨平台的基于角色的安全管理的系统化和自动化.
The traditional role-based access control (RBAC) model was extended for studying practical ways to implement access control, enforce security administration, and acquire available information from real world to construct an access control model and establish security policies. A three-layered architecture for role-based security administration was proposed. And a practical way was presented to implement role-based access control and role-based security administration, so that cross-platform role-based access control is implemented automatically and systematically in the security administration system.
出处
《浙江大学学报(工学版)》
EI
CAS
CSCD
北大核心
2004年第4期408-413,共6页
Journal of Zhejiang University:Engineering Science
基金
浙江省自然科学基金资助项目(600014)
浙江省重大科技计划资助项目(1101104).
