计算机工程 ›› 2011, Vol. 37 ›› Issue (19): 104-106,110.doi: 10.3969/j.issn.1000-3428.2011.19.034

• 安全技术 • 上一篇    下一篇

基于混合层次关系的扩展角色图模型

黎湘运,封孝生,闫新乐   

  1. (国防科学技术大学信息系统工程重点实验室,长沙 410073)
  • 收稿日期:2011-05-12 出版日期:2011-10-05 发布日期:2011-10-05
  • 作者简介:黎湘运(1984-),男,硕士研究生,主研方向:信息安全;封孝生,副教授、博士;闫新乐,硕士研究生
  • 基金项目:
    国家自然科学基金资助项目(60903225, 70971134)

Extended Role Graph Model Based on Hybrid Hierarchy Relation

LI Xiang-yun, FENG Xiao-sheng, Yan Xin-le   

  1. (Information System Engineering Key Laboratory, National University of Defense Technology, Changsha 410073, China)
  • Received:2011-05-12 Online:2011-10-05 Published:2011-10-05

摘要: 针对现有角色图模型无法进行动态职责分离的问题,提出基于混合层次关系的扩展角色图模型。对角色层次关系进行细化,将混合层次关系引入角色图模型中,给出扩展后角色图模型角色层次的管理功能。实验结果表明,该模型能进行动态职责分离,提高角色图模型的性能。

关键词: 角色访问控制, 角色层次, 角色图模型, 混合层次, 角色激活, 权限继承

Abstract: Aiming at the problem that the existing role graph model can not define Dynamic Separation of Duty(DSOD), this paper proposes an extended graph model based on hybrid hierarchy relation. This model extends the role hierarchy by introducing the hybrid hierarchy, and the role hierarchy management of the extended role graph model is given. Experimental results show that the introduction of hybrid hierarchy makes the definition of DSOD possible, thus enhances the practicability of the role graph model.

Key words: role based access control, role hierarchy, role graph model, hybrid hierarchy, role activation, permission inheritance

中图分类号: