J4 ›› 2011, Vol. 33 ›› Issue (9): 24-28.
• 论文 • Previous Articles Next Articles
WEI Lifeng,DING Yan,CHEN Songzheng,HE Lianyue
Received:
Revised:
Online:
Published:
Abstract:
Authentication trustworthiness reflects the degree of trustworthiness of the user who has passed system authentication. Based on authentication trustworthiness, logging in is restricted, user’s role and role’s mandatory access control rights are restricted, and then the user’s rights control technology is proposed. Combing authentication trustworthiness with accessing systems, it requests that the user must have some authentication trustworthiness when he wants to access a system, and the important user must pass an important identity authentication mechanism. Applying authentication trustworthiness to RBA(Role Based Authorization), it can decide which role can be activated by the user, and also can decide what rights can be activated by the active role of the user, and reflects on every mandatory access control policy, it implements the unification of authentication and access authorization, solves the problem of improper right obtaining. Finally, more contents to be studied are pointed out.
Key words: authentication trustworthiness;mandatory access control;role based authorization;access authorization
WEI Lifeng,DING Yan,CHEN Songzheng,HE Lianyue. Research on User’s Rights Control Technology Based on Authentication Trustworthiness[J]. J4, 2011, 33(9): 24-28.
0 / / Recommend
Add to citation manager EndNote|Ris|BibTeX
URL: http://joces.nudt.edu.cn/EN/
http://joces.nudt.edu.cn/EN/Y2011/V33/I9/24
[1]汪伦伟,廖湘科,王怀民. 认证可信度理论研究[J]. 计算机研究与发展,2005,42(3):501506. [2]Wang Lunwei, Liao Xiangke, Wang Huaimin. ATPAM: An Authentication Trustworthinessbased PAM[C]∥Proc ofthe 4th Int’l Conf on Information Security, 2004:204209. [3]Wang Lunwei, Wei Lifeng, Liao Xiangke, et al. ATRBAC: an Authentication TrustworthinessBased RBAC Model[C]∥Proc of the 3rd Grid and Cooperative ComputingGCC 2004 Workshops,2004:343350. [4]汪伦伟,周良源,廖湘科,等. 基于认证可信度的BLP模型研究[J]. 计算机工程与应用,2004,40 (25):1820. [5]Wang Lunwei, Liao Xiangke, Wang Huaimin. Access Request Trustworthiness in Weighted Access Control Framework[J]. Wuhan University Journal of Natural Sciences, 2005, 10(1):6569. [6]陈松政, 何连跃, 罗军. 在角色定权框架下实现能力机制[J]. 计算机工程与科学,2006,28(2):104106.