计算机工程与应用 ›› 2007, Vol. 43 ›› Issue (12): 119-123.

• 网络、通信与安全 • 上一篇    下一篇

P-RBAC:一种门户环境下的访问控制模型

蒋友毅 宋靖宇 钟华   

  1. 中国科学院软件研究所 软件工程技术研究开发中心 武汉大学计算机学院
  • 收稿日期:2006-09-06 修回日期:1900-01-01 出版日期:2007-04-20 发布日期:2007-04-20
  • 通讯作者: 蒋友毅

P-RBAC: An Access Control Model in Portal Systems

YouYi Jiang JingYu Song Hua Zhong   

  • Received:2006-09-06 Revised:1900-01-01 Online:2007-04-20 Published:2007-04-20
  • Contact: YouYi Jiang

摘要: 门户能够有效地实现异构信息之间的集成与协作,并为用户提供可定制、统一且遵循规范的访问服务。然而,由于门户所具有的这些不同于普通Web应用的特性,也使得传统访问控制模型无法在门户中直接使用。文中提出了一种面向门户系统的访问控制模型P-RBAC。P-RBAC扩展了传统的基于角色访问控制模型,并根据行为状态进一步分为静态模型和动态模型。P-RBAC给出了静态模型和动态模型上的行为规则,提出了具体的动态权限指派和角色组织策略,从而有效地解决了门户的访问控制问题。实际的应用案例证明,P-RBAC模型能够适用于门户的访问控制,并较之传统访问控制模型更高效可行。

关键词: 门户, RBAC, 访问控制, P-RBAC

Abstract: Portals facilitate users to easily access information by integrating heterogeneous applications, services and data resources in a consistent way However, traditional access control models are not applicable to portal systems because of portal systems’ particularities shown above. This paper proposes an improved access control model for portal systems: P-RBAC. The model is based on RBAC by extending it both on concepts and on behaviors. The static and dynamic models of P-RBAC are described, and then a detailed discussion of the rules and policies on both models is given. The application of P-RBAC in real environment proves that it can be a possible and efficient solution for the access control in portal systems.

Key words: Portal, RBAC, Access Control, P-RBAC