多自治域协同的数据库访问控制

计算机工程与应用 ›› 2007, Vol. 43 ›› Issue (16): 180-182.

多自治域协同的数据库访问控制

葛丽娜，贺忠华

广西民族大学计算机科学与信息学院，南宁 530006

收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2007-06-01 发布日期:2007-06-01
通讯作者: 葛丽娜

Access control scheme for database in multi-domain autonomous collaborative environment

GE Li-na，HE Zhong-hua

School of Computer Science & Information，Guangxi University for Nationality，Nanning 530006，China

Received:1900-01-01 Revised:1900-01-01 Online:2007-06-01 Published:2007-06-01
Contact: GE Li-na

摘要/Abstract

摘要： 多自治域的协同工作领域中，资源拥有者应该对数据库资源的操作方式及粒度有最终决定权;用户域对用户的职能作明确规定。显然角色直接映射权限的RBAC模型在多自治域协作环境中是不合理的。针对多自治域协同的数据库访问，提出基于角色的四层访问控制模型及其设计，资源域定义资源角色与权限的映射，用户域与资源域协商来映射用户角色与资源角色。该方案简单合理，分清职责，符合数据访问安全需求。

Abstract: In multi-domain autonomous collaborative environment，the resource providers of database have the ultimate authority over their resources to decide how to access their database resource and what granularity is，and the security administrators of domain user located manage user roles.Apparently，directly mapping user role to permission of other autonomous domains is not reasonable in multi-domain collaborative environment.In this paper，four lay RBAC（4-RBAC） model and its implement for database access is proposed in multi-domain autonomous collaborative environment.Mapping resource role to permission and defining resource role are done by the resource provider in the domain resource located.Then domain user located has to negotiate with domain resource located to map user role to resource role.The scheme in this paper is simple and reasonable.It is separation of duty and guarantee for database’s security.

葛丽娜，贺忠华. 多自治域协同的数据库访问控制[J]. 计算机工程与应用, 2007, 43(16): 180-182.

GE Li-na，HE Zhong-hua. Access control scheme for database in multi-domain autonomous collaborative environment[J]. Computer Engineering and Applications, 2007, 43(16): 180-182.