摘要: 针对网格访问控制的多域性和动态性,指出了传统访问控制策略在实际应用中的不足,对现有RBAC模型进行功能上的扩展,建立了基于环境-角色的网格访问控制模型G_ERBAC。该模型引入环境实体以及域管理的概念,根据域间动态角色映射规则实现用户-角色分配,通过基于环境的动态安全引擎机制调整角色-权限,实现了用户-动态角色-动态权限的相关,从而能更好地适用于网格环境。
关键词:
网格,
基于角色的访问控制,
基于环境-角色的网格访问控制
Abstract: Aiming at the multi-domain and dynamic characteristics of the access control in gird, the shortage of traditional access control strategy is demonstrated. The RBAC model is functionally branched out and the G_ERBAC model is presented. In G_ERBAC model, the environment entity and the concept of domain management are introduced. With its user-role assignments performed according to dynamic role reflection rules between domains, and role-permission adjusted by environment-based dynamic security engineering machine, the G_ERBAC model provides user-active role-active permission associated dynamically, and it is more suitable for grid.
Key words:
grid,
Role-based Access Control (RBAC),
G_ERBAC
中图分类号:
李 卉;王航宇;汪厚祥. G_ERBAC网格安全访问控制模型[J]. 计算机工程, 2008, 34(1): 43-46.
LI Hui; WANG Hang-yu; WANG Hou-xiang. G_ERBAC Security Access Control Model in Grid[J]. Computer Engineering, 2008, 34(1): 43-46.