Computer Engineering and Applications ›› 2014, Vol. 50 ›› Issue (19): 66-69.
Previous Articles Next Articles
TAO Yong, WANG Chengliang
Online:
Published:
陶 勇,汪成亮
Abstract: Treating attribute as authorization constraints, an extended model of RBAC with attributes is proposed. An OWL-based policy representation method of attributive-based RBAC model is presented, in which complex attribute expressions, partial ordering relations between attribute values, role hierarchies, and constraints can be explicitly defined. Access control decisions, dominance relations between attribute expressions, and consistency of policy information can be drawn via an OWL reasoner. A study case is presented to show the feasibility of the method.
Key words: Role Based Access Control(RBAC), attribute expression, Web Ontology Language(OWL), reasoning
摘要: 将属性作为授权约束,给出了属性扩展的RBAC模型。提出了一种基于OWL的属性RBAC策略定义和表示方法。该方法支持复杂属性表达式、属性值偏序关系、角色层次关系和约束的定义;在推理机的支持下,可以执行访问控制决策推理,属性表达式支配关系判定和策略知识一致性检测。具体应用案例说明了该方法的可行性。
关键词: 基于角色的访问控制(RBAC), 属性表达式, Web本体语言(OWL), 推理
TAO Yong, WANG Chengliang. Attributive-based RBAC policy representation and reasoning using OWL[J]. Computer Engineering and Applications, 2014, 50(19): 66-69.
陶 勇,汪成亮. 属性RBAC策略的OWL表示和推理[J]. 计算机工程与应用, 2014, 50(19): 66-69.
0 / Recommend
Add to citation manager EndNote|Ris|BibTeX
URL: http://cea.ceaj.org/EN/
http://cea.ceaj.org/EN/Y2014/V50/I19/66