• 中国计算机学会会刊
  • 中国科技核心期刊
  • 中文核心期刊

J4 ›› 2007, Vol. 29 ›› Issue (9): 30-33.

• 论文 • 上一篇    下一篇

一种基于角色的多层次角色管理模型

张昭理 洪帆 夏翔胜   

  • 出版日期:2007-09-01 发布日期:2010-06-02

  • Online:2007-09-01 Published:2010-06-02

摘要:

基于角色的访问控制(RBAC)是一种目前被广泛接受和应用的访问控制模型,利用角色管理角色是一种很好的尝试,其代表模型为ARBAC97。但是,ARBAC97的基本模型无法满足复杂、多层次的实际应用。对此,本文提出了一种基于角色的多层次角色管理模型(MARBAC),并给出了该模型的详细定义和实现说明。在多层框架下,无法满足封闭 性的角色范围可以被划分到多个层次,使得在各个层次中封闭性必须得到满足。该模型可以实现复杂、多层次的应用需求。

关键词: 角色 访问控制 多层 基于角色的访问控制

Abstract:

RBAC is a widely accepted and implemented model nowadays. An appealing possibility is to use roles to manage roles; the widely accepted model is ARBAC97. However, the original ARBAC97 cannot implement complex and multilayer applications. Thus, this paper proposes a muhilayer model for role-based administration of roles (MARBAC). Definitions and descriptions of the model are given. Within the muhilayer framework, the ranges that are not encapsulatedd can be divided into different layers, in which ranges should be encapsulated. The MARBAC model is able to implement complex and muhilayer applications

Key words: role, access control, multilayer;role-based access control