计算机工程 ›› 2008, Vol. 34 ›› Issue (8): 193-194.doi: 10.3969/j.issn.1000-3428.2008.08.068

• 安全技术 • 上一篇    下一篇

动态安全模型中基于代理的访问控制

丁 胜1,2,王思鹏2,王晓峰2   

  1. (1. 武汉大学遥感信息工程学院,武汉 430079;2. 武汉科技大学计算机科学与技术学院,武汉 430081)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2008-04-20 发布日期:2008-04-20

Agent-based Access Control for Dynamic Security Model

DING Sheng1,2, WANG Si-peng2 , WANG Xiao-feng2   

  1. (1. School of Remote Sensing and Information Engineering, Wuhan University, Wuhan 430079; 2. College of Computer Science and Technology, Wuhan University of Science and Technology, Wuhan 430081)
  • Received:1900-01-01 Revised:1900-01-01 Online:2008-04-20 Published:2008-04-20

摘要: 随着信息系统复杂性不断增强,许多大型应用系统都具有动态性,但是传统的访问控制机制不能提供动态权限分配。该文提出一个实现动态安全策略的访问控制模型,在RBAC模型基础上通过代理动态地决定访问权限,代理根据抽象角色定义和上下文信息规则,通过推导模块得到用户的实际角色,阐述模型的组成并将它应用于一个项目管理系统中。结果表明,该模型比传统的访问控制模型更加高效、安全。

关键词: 访问控制, 安全模型, 抽象角色, 代理

Abstract: With the development of information system, most practical applications have dynamic attributes, but conventional access control mechanisms have not addressed the problem efficiently. This paper discusses how to realize an access control system that enables to manage dynamic security policies. The proposed method is based on Role-based Access Control (RBAC), and the agent decides access rights dynamically for the abstract role, according to the definitions of the abstract roles, context information and rules, agent acquire actual role by inference module, demonstrate the structure of the model and usefulness of the proposed system by presenting the project management application and its access control system. Experimental results verify that the model is more efficient and securer than traditional access control model.

Key words: access control, security model, abstract role, agent

中图分类号: