| RBAC系统中安全审计功能的研究与实现 |
| |
| 引用本文: | 欧阳荣彬,王倩宜,刘云峰,李丽.RBAC系统中安全审计功能的研究与实现[J].实验技术与管理,2011,28(6):113-115. |
| |
| 作者姓名: | 欧阳荣彬 王倩宜 刘云峰 李丽 |
| |
| 作者单位: | 北京大学计算中心,北京,100871 |
| |
| 摘 要: | 标准的RBAC(role-based access control,基于角色的访问控制)模型没有定义安全审计策略,一般的RBAC审计扩展只是记录信息,未自动监控并触发安全事件。该文提出了一种整体的安全审计模型,包括审计记录、审计监控和事件响应等,阐述了审计监控实现的若干要点。展示了该模型在北京大学IAAA统一安全系统中的应用实践。
|
| 关 键 词: | RBAC 安全审计模型 审计监控 IAAA |
Research and implementation on auditing in RBAC-based systems |
| |
| Ouyang Rongbin,Wang Qianyi,Liu Yunfeng,Li Li.Research and implementation on auditing in RBAC-based systems[J].Experimental Technology and Management,2011,28(6):113-115. |
| |
| Authors: | Ouyang Rongbin Wang Qianyi Liu Yunfeng Li Li |
| |
| Institution: | (Computer Center,Peking University,Beijing 100871,China) |
| |
| Abstract: | Standard RBAC(role-based access control) models do not define auditing strategy.Their auditing extensions always just record operation information and have lack of monitoring auditing automatically.This paper presents a general auditing model including recording,monitoring and treating.And some key points in the implementation of auditing monitoring are described.The model is implemented and applied in PKU IAAA Unified Security System. |
| |
| Keywords: | RBAC model general auditing model auditing monitoring IAAA |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
