王宁,钞柯,罗嫔.实现细粒度访问控制的元模型研究[J].,2012,(3):452-457 |
实现细粒度访问控制的元模型研究 |
Research on meta-model to realize fine-grained access control |
|
DOI:10.7511/dllgxb201203024 |
中文关键词: 访问控制 细粒度 数据对象 操作级别 元模型 |
英文关键词: access control fine-grain data object operation level meta-model |
基金项目:国家自然科学基金资助项目(91024029);中央高校基本科研业务费专项资金资助项目(DUT10JR11). |
|
摘要点击次数: 1315 |
全文下载次数: 697 |
中文摘要: |
从用户要求对数据对象达到细粒度访问控制的需求出发,借助元模型的概念,对基于OB4LAC的权限维度进行细粒度扩充,充分融合数据对象的时间期限、安全限制、上下文环境等属性特征,建立了关于数据对象和操作客体的细粒度元模型,并探讨了两者的粒度归并规则,提炼出功能权限集和功能菜单.由此为系统角色的界定和划分提供参照标准,更加方便了角色的统一管理,达到灵活的细粒度访问控制目标,有利于制定优化的访问控制策略. |
英文摘要: |
Aiming at users′ demanding for fine-grained access control to protected information resources, the term ″permission″ in OB4LAC is expanded to be more finely granular in the way of meta-model. Attributes of information resources, such as time period, security constraints and context situation, are taken into account to establish fine-grained meta-model of data object and operation object, of which merging rules are researched so that the set of function permissions and function menus can be fine-grained. As such, roles can be wisely identified and classified accordingly, which is helpful for managing roles and achieving goals of fine-grained access control, as well as providing methods for establishing optimal access control policy. |
查看全文
查看/发表评论 下载PDF阅读器 |
关闭 |
|
|
|