Computer Engineering and Applications ›› 2010, Vol. 46 ›› Issue (36): 101-104.DOI: 10.3778/j.issn.1002-8331.2010.36.028

• 网络、通信、安全 • Previous Articles     Next Articles

Flexible hybrid RBAC model and inconsistency resolution

Nurmamat Helil1,Kaysar Rahman1,2,Azhar Halik1,2   

  1. 1.College of Mathematics and System Sciences,Xinjiang University,Urumqi 830046,China
    2.School of Mechanical Engineering,Xinjiang University,Urumqi 830046,China
  • Received:2010-09-02 Revised:2010-10-18 Online:2010-12-21 Published:2010-12-21
  • Contact: Nurmamat Helil



  1. 1.新疆大学 数学与系统科学学院,乌鲁木齐 830046
    2.新疆大学 机械工程学院,乌鲁木齐 830046

  • 通讯作者: 努尔买买提·黑力力

Abstract: This paper presents a flexible hybrid RBAC model with combination of positive and negative authorizations both on user-role assignment and permission-role assignment relations and analyzes the policy inconsistency due to the coexistence of mutually exclusive authorizations,then proposes two kinds of inconsistency resolution approaches.Policy incompleteness is also discussed.

Key words: Role Based Access Control(RBAC), negative authorization, inconsistency resolution

摘要: 提出了一种在用户角色指派和权限角色指派关系中正负授权相结合的灵活的混合RBAC模型,并分析了同时存在互斥授权所引起的冲突;提出了两种冲突解决方法,讨论了策略不完整性。

关键词: 基于角色的访问控制(RBAC), 负授权, 冲突解决

CLC Number: