计算机工程与应用 ›› 2010, Vol. 46 ›› Issue (29): 114-116.DOI: 10.3778/j.issn.1002-8331.2010.29.031

• 网络、通信、安全 • 上一篇    下一篇

侵略型中国墙安全模型的RBAC配置的扩展研究

张毅辉,梁久祯   

  1. 江南大学 信息工程学院,江苏 无锡 214122
  • 收稿日期:2009-03-10 修回日期:2009-05-14 出版日期:2010-10-11 发布日期:2010-10-11
  • 通讯作者: 张毅辉

Research of enhanced Chinese Wall security policy—Aggressive model on RBAC

ZHANG Yi-hui,LIANG Jiu-zhen   

  1. School of Information Engineering,Southern Yangtze University,Wuxi,Jiangsu 214122,China
  • Received:2009-03-10 Revised:2009-05-14 Online:2010-10-11 Published:2010-10-11
  • Contact: ZHANG Yi-hui

摘要: 中国墙安全模型是商业信息安全领域中的一个重要的安全策略模型,但是它缺少有效的实施模型和机制。研究了侵略型中国墙安全模型的利益冲突关系、数据组织等,分析了基于角色的访问控制(RBAC)模型的控制机制,利用RBAC的“策略中性”原理,配置RBAC实施侵略型中国墙安全模型,并举例配置了拥有5个有利益冲突公司的RBAC模型。通过对RBAC的配置,使得侵略型中国墙安全模型可以更加方便有效地实施。

Abstract: Chinese Wall security model is an important model of security policy in the field of business information security,but it lacks the effective implementation model and the mechanism.Firstly,this paper studies the conflict of interest relations,database organization,etc. of Chinese Wall security policy-An aggressive model.Then the control mechanism of the RBAC model is analyzed.Furthermore,using “the strategy neutrality” of the RBAC model,RBAC is disposed to implement Chinese Wall security policy-An aggressive model.Finally,an example to dispose RBAC model is given,in which five companies have the conflict of interest relations.Chinese Wall security policy-An aggressive model can be more convenient and effective by configuring this model on RBAC.

中图分类号: