| 基于角色的管理模型隐式授权分析 | |
| 刘伟 ; 蔡嘉勇 ; 贺也平 | |
| 刊名 | 软件学报
 |
| 2009 | |
| 卷号 | 20期号:4页码:1048-1057 |
| 关键词 | 隐式授权 基于角色的管理模型 最小授权 基于角色的访问控制 implicit authorization role-based administrative model least authorization role-based access control |
| ISSN号 | 1000-9825 |
| 其他题名 | implicit authorization analysis of role-based administrative model |
| 中文摘要 | 基于角色的管理模型被用于管理大型RBAC(role-based access control)系统的授权关系,UARBAC具有可扩展、细粒度等优点.UARBAC的管理操作包含隐式授权.隐式授权分析说明UARBAC管理操作的两类缺陷,包括两个定义缺陷,即无法创建客体和虚悬引用,以及一个实施缺陷,即不支持最小授权.通过修改管理操作更正定义缺陷,提出实施缺陷的改进方案.定义实施最小授权的最小角色匹配问题,证明该问题是NP难,并给出基于贪心算法的可行方案,帮助管理员选择合适的管理操作将最小角色集合授予用户. |
| 收录类别 | wanfang,ei,cnki,cscd |
| 资助信息 | Huazhong University of Science and Technology |
| 语种 | 中文 |
| 公开日期 | 2010-08-23 |
| 附注 | Role-Based administrative models have been discussed for decentralized management in large RBAC (role-based access control) systems. The latest UARBAC model has significant advantages over other models. Due to hierarchy relationships, administrative operations of UARBAC implicate permissions. By analyzing implicit authorization, two flaws in definition and an implemental flaw in UARBAC are found, including being unable to create object, dangling reference and not supporting the least authorization. The paper corrects definitions of administrative operations for the former two. The least authorization in UARBAC is defined as the minimal role match problem. The paper proves the problem is NP-hard and gives a feasible algorithm based on greedy. The method will help the administrator use appropriate operations to achieve the least role assignment. |
| 内容类型 | 期刊论文 |
| 源URL | [http://124.16.136.157/handle/311060/3726]  |
| 专题 | 软件研究所_基础软件国家工程研究中心_期刊论文 |
| 推荐引用方式 GB/T 7714 | 刘伟,蔡嘉勇,贺也平. 基于角色的管理模型隐式授权分析[J]. 软件学报,2009,20(4):1048-1057. |
| APA | 刘伟,蔡嘉勇,&贺也平.(2009).基于角色的管理模型隐式授权分析.软件学报,20(4),1048-1057. |
| MLA | 刘伟,et al."基于角色的管理模型隐式授权分析".软件学报 20.4(2009):1048-1057. |
| 个性服务 |
| 查看访问统计 |
| 相关权益政策 |
| 暂无数据 |
| 收藏/分享 |
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论