作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2008, Vol. 34 ›› Issue (24): 71-73. doi: 10.3969/j.issn.1000-3428.2008.24.025

• 软件技术与数据库 • 上一篇    下一篇

多域分层系统中基于DRT的访问控制模型

葛方斌1,杨 林2,王建新2,丁 利3   

  1. (1. 解放军理工大学指挥自动化学院,南京 210007;2. 中国电子系统工程研究所,北京 100039;3. 解放军理工大学通信工程学院,南京 210007)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2008-12-20 发布日期:2008-12-20

Access Control Model Based on DRT in Layered Multi-domain System

GE Fang-bin1, YANG Lin2, WANG Jian-xin2, DING Li3   

  1. (1. College of Command Automation, PLA University of Science and Technology, Nanjing 210007; 2. Institute of China Electronic System Engineering, Beijing 100039; 3. College of Communication Engineering, PLA University of Science and Technology, Nanjing 210007)
  • Received:1900-01-01 Revised:1900-01-01 Online:2008-12-20 Published:2008-12-20

摘要: 为了满足多域系统的访问控制需求,提出RBAC的扩展模型——DRTBAC模型。模型中引入域、型、角色关联等概念,增加了权限的灵活设置机制,并将基本安全原则融入到模型的角色划分、指派与关联中。解决RBAC对多域系统的支持问题,方便权限的管理,实现遵循安全原则的访问控制。

关键词: RBAC模型, 域, 型, DRTBAC模型, 角色关联

Abstract: To satisfy the demand of access control in multi-domain systems, a developed RBAC model——Domain Role and Type-Based Access Control(DRTBAC) model is proposed. Concepts of domain, type, role association, etc. are introduced, mechanism of setting permissions flexibly is appended, and essential security principles penetrate roles partition, assignment and association. The problem that access control supports multi-domain systems is resolved, permission management is simplified, and access controls complying security principles are realized.

Key words: RBAC model, domain, type, Domain Role and Type-Based Access Control(DRTBAC) model, role association

中图分类号: