计算机工程 ›› 2012, Vol. 38 ›› Issue (9): 151-152,173.doi: 10.3969/j.issn.1000-3428.2012.09.045

• 安全技术 • 上一篇    下一篇

基于动态控制机制的工作流安全访问模型

巫 茜1,周 庆2   

  1. (1. 重庆理工大学计算机科学与工程学院,重庆 400054;2. 重庆大学计算机学院,重庆400044)
  • 收稿日期:2012-02-08 出版日期:2012-05-05 发布日期:2012-05-05
  • 作者简介:巫 茜(1980-),女,讲师、硕士,主研方向:网络安全,软件工程;周 庆,副教授、博士
  • 基金项目:
    国家自然科学基金资助项目(61003246);重庆市教委科学技术研究基金资助项目(KJ110805)

Workflow Security Access Model Based on Dynamic Control Mechanism

WU Qian   1, ZHOU Qing   2   

  1. (1. School of Computer Science and Engineering, Chongqing University of Technology, Chongqing 400054, China; 2. College of Computer Science, Chongqing University, Chongqing 400044, China)
  • Received:2012-02-08 Online:2012-05-05 Published:2012-05-05

摘要: 为确保工作流系统安全可靠地工作,在传统基于角色的访问控制模型中引入目标案例、用户管理和目标3个关系元素,设计动态授权机制,构建一种基于动态控制机制的工作流安全访问模型,通过基本约束关系与动态约束条件,保证模型的安全运行,并将其与工作流引擎组件进行集成,为独立安全领域应用提供安全授权服务。应用结果表明,该模型可将动态职责与互惠职责较好地分离,对动态职责进行绑定,为系统工作流安全访问提供技术支持。

关键词: 动态控制机制, 工作流引擎, 动态授权, 访问控制模型, 网络化协同设计

Abstract: In order to ensure the workflow system secure and reliable, this paper introduces three relation elements of Target Case(TC), User Management(UM) and Target(T) in the conventional access control model based on role, designs the dynamic authorization mechanism, and builds a sort of security access model in workflow based on dynamic control mechanism, which ensures the secure running of the model by means of basic constraint relation and dynamic constraint conditions. The model is integrated with workflow engine component to provide the security authorization service for the application of independent security field. Application results show that the model can better separate the dynamic responsibility and reciprocal responsibility, make the binding of dynamic responsibility, and provide technical support for security access of system workflow.

Key words: dynamic control mechanism, workflow engine, dynamic authorization, access control model, networked cooperative design

中图分类号: