Computer Engineering and Applications (计算机工程与应用) ›› 2010, Vol. 46 ›› Issue (33): 132-138. DOI: 10.3778/j.issn.1002-8331.2010.33.038

• Database, Signal and Information Processing •

Extended RBAC model for multilevel relational database

ZHONG Yong1,2, GUO Wei-gang1, ZHONG Chang-le1

  1. Information and Educational Technology Center, Foshan University, Foshan, Guangdong 528000, China
  2. Postdoctoral Mobile on Computer Application, Nanjing University of Science and Technology, Nanjing 210094, China
  • Received: 2009-04-02 Revised: 2009-06-22 Online: 2010-11-21 Published: 2010-11-21
  • Contact: ZHONG Yong

Abstract: An extended model of role based access control is proposed, which introduces a classified policy into standard RBAC. The model eliminates downward information flow in RBAC through extended read and write rules and authorization constraints, and keeps the expressive power and flexibility of standard RBAC through the semantics of separation of category relations and session classes. The model can be used in information systems that need both MAC to control information flow and the flexibility of RBAC. After a formal definition of the model, its implementation rules, access decision policies, management of authorization distribution, implementation mechanism in a multilevel relational database, BNF notations and application are also discussed.

Key words: role based access control, mandatory access control, multilevel relational database
