摘要: 在工作流系统应用中,权限管理基础设施(PMI)模型存在数据冗余、动态适应性差的缺陷。针对该问题,提出一个基于任务-角色的访问控制的PMI模型。该模型通过增加任务规范角色证书与任务分配属性证书、PMI任务管理器与策略库,将访问权限与任务关联。应用结果证明该模型能够对访问控制进行动态、灵活的管理,实现基于角色、任务、角色和任务这3种访问控制,为企业信息安全管理提供保障。
关键词:
基于任务-角色的访问控制,
上下文约束,
权限管理基础设施
Abstract: Aiming at the problems of Privilege Management Infrastructure(PMI) model application in the work flow system that data redundancy, weakly dynamic adaptability, this paper proposes a PMI model based on Task-Role Based Access Control(T-RBAC). The model can make the relationship between access right and task by adding task specification access certificate, task assignments access certificate and task management agent. Application result proves that the model can support information security management with three ways of access control in dynamic work flow systems, it consists of access control based on role, task and role and task.
Key words:
Task-Role Based Access Control(T-RBAC),
context constrain,
Privilege Management Infrastructure(PMI)
中图分类号:
刘晓冰;白朝阳;王 霄;李忠凯. 基于T-RBAC的PMI模型[J]. 计算机工程, 2010, 36(3): 152-155.
LIU Xiao-bing; BAI Zhao-yang; WANG Xiao; LI Zhong-kai. PMI Model Based on T-RBAC[J]. Computer Engineering, 2010, 36(3): 152-155.