摘要： 为了保证在网络化的协同企业建模系统中对模型的安全访问，需要建立一套有效的访问控制机制。在分析基于角色的访问控制、自主型的访问控制及强制型访问控制的基础上，结合协同企业建模系统的特点，提出在模型节点状态约束下，基于角色和任务的动态访问控制方法。该方法确定用户在建模工作中的岗位、该岗位负责的任务和充当的角色，考察任务中对应的模型节点状态及确定访问权限，利于实现用户与受控对象的细粒度的访问控制。给出了系统的实现方法。

关键词: 访问控制, 协同企业建模, 角色, 模型状态

Abstract: To guarantee access security in network collaborative enterprise modeling systems, establishing access control function is in demand. Based on study of the role-based access control, discretionary access control and mandatory access control, combined with the characteristic of the collaborative enterprise modeling system, a role and task based dynamic access control with limitation of the enterprise model node state is proposed. In this method, user’s position, the tasks performed by this position and the role are confirmed, the corresponding model node status are examined. And the access authorization is established. These are convenient for realizing the grained security administration to users and objects. Based on the specification, system realization method is presented.

Key words: access control, collaborative enterprise modeling, role, model state

中图分类号: 

• TP309.2