摘要： 为提高数据库模型的安全性,同时满足用户对数据的合理化存储要求,对RBAC模型与MLR模型进行改进,构造一个结合RBAC模型与MLR模型的综合访问控制模型,使主体通过多级角色间接应用强制访问控制规则来访问客体。实验结果表明,该模型可实现系统中主体对客体的灵活管理,同时具备强制访问控制模型的高安全性。

关键词: 数据库安全, 多级数据库模型, RBAC模型, MLR模型, 访问控制模型, 操作权限

Abstract: Lots of multi-level database models with individual advantage have appeared following the development of multi-level database security.People gradually begin to improve optimization of multilevel relation database model,put forward more secure,more manageable database multilevel security model,in order to meet the users’ rationalization of data storage and keep the security of data.This paper proposes the idea that combined the RBAC access control model with the MAC mandatory access control model.It makes the system not only have the high security of the mandatory access control model and achieve the flexible management from the subject to object,improves the RBAC model and the MLR model of the MAC mandatory access control model,and combines them to construct an integrated access control model.Combined with the superiority of the two access model,the access control model achieves the subject applies the mandatory access control rules to access object by multilevel roles indirectly.By simulated data,the structure of security access control model based on role of multilevel relation is tested.The experiment proves that the comprehensive access control model has better flexibility,makes the model with the high security of mandatory access control model.

Key words: database security, multi-level database model, RBAC model, MLR model, access control model, operation permission

中图分类号: 

• TP311