• 中国计算机学会会刊
  • 中国科技核心期刊
  • 中文核心期刊

J4 ›› 2007, Vol. 29 ›› Issue (9): 53-55.

• 论文 • 上一篇    下一篇

IRBAC 2000角色转换冲突处理策略

冯学斌[1] 郑峰[2] 洪帆[1]   

  • 出版日期:2007-09-01 发布日期:2010-06-02

  • Online:2007-09-01 Published:2010-06-02

摘要:

LRBAC 2000模型为我们提供了一个在多个RBAC域之间进行安全互操作的模型,使得外域角色能够转换为本地域角色从而访问本地资源。但是,LRBAC 2000在域间进行角色转换  时可能会产生“冲突”。本文分析了冲突产生的情形及处理方法,提出了冲突检测算法和冲突子集最小化算法,并讨论了消除冲突的约束策略。

关键词: 访问控制 RBAC 安全域 安全互操作

Abstract:

The IRBAC 2000 provides us with a model for the interoperability between RBAC secure domains. It translates the roles from foreign domains to the loca l ones of local domains so that the foreign users can access the local resources. But such a translation may lead to "conflict association". The paperr analyses the causes and the counteraction of the conflict, presents algorithms to determine the existence of the conflicts and to minimize the conflic t association set, and discusses the strategy to eliminate the conflict by constraints.

Key words: (access control, RBAC, secure domain, secure interoperability)