| 基于角色访问控制模型实现 |
| |
| 引用本文: | 崔仁杰,马明.基于角色访问控制模型实现[J].西安文理学院学报,2005,8(4):57-60. |
| |
| 作者姓名: | 崔仁杰 马明 |
| |
| 作者单位: | 西安工程科技学院现代教育技术中心,陕西西安710048 |
| |
| 摘 要: | 主要介绍在访问控制领域中基于角色访问控制模型的需求、发展和应用,并提出了基于角色访问控制模型数据库实现模型和API实现模型。基于角色访问控制模型通过角色继承实现角色结构化分层,反映现实组织的授权和责任,静态责任分离或者动态责任分离实现了责任分离,解决利益冲突,防止用于超越权限。这种模型实现了灵活的授权机制,便于分级管理,通过最小特权,减少网络实施风险,详细介绍并讨论基于角色控制的数据库模型和API模型的实现方法。
|
| 关 键 词: | 基于角色访问控制 网络安全 API模型 |
| 文章编号: | 1008-5564(2005)02-0057-04 |
| 收稿时间: | 04 18 2005 12:00AM |
| 修稿时间: | 2005年4月18日 |
Implementation Mechanism of Role-Base Access Control Model |
| |
| CUI Ren-jie, MA Ming.Implementation Mechanism of Role-Base Access Control Model[J].Journal of Xi‘an University of Arts & Science:Natural Science Edition,2005,8(4):57-60. |
| |
| Authors: | CUI Ren-jie MA Ming |
| |
| Abstract: | This paper mainly introduces the requirement of role-base access control model in the access control field, its development and application. It puts forward the implementation models of RBAC database and API. With RBAC model, implementation of hierarchy of role structures is realized by role inheritance, reflecting the authority and reliability of real organizations. Separation of static or dynamic liability realizes the separation of liability, solving the problem of benefit conflict and preventing right excess. This model makes the authorization more flexible, management at different levels simpler, and risk in the implementation of networks less with minimized authority. Detailed discussion is given regarding the implementation of models of RBAC database and API. |
| |
| Keywords: | role-base access control network security API model |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
