Abstract:
With the development of the distributed computing, traditional role-based access control model doesn’t meet the demand of distributed computing security any more. An evidence-based code access control(EBCAC) model, which can provide the lower access control of system security, is generalized from code access control of Microsoft in this paper. It gives a formalized description and describes an improved system architecture based on it. It also discusses how to implement and gives an instance of EBCAC model.
Key words:
distributed network security,
access control,
luring attack
摘要: 随着分布式计算的不断发展,传统的基于角色的安全性(RBAC)模型已无法满足分布式安全的要求,该文根据微软的代码访问安全性,归纳出基于证据的代码访问控制(EBCAC)模型和它的一种形式化描述,该模型能实现对系统更低层次的访问控制;提出了一种改进的基于证据的代码访问控制系统设计方案,给出了防止引诱攻击的实例。
关键词:
分布式网络安全,
访问控制,
引诱攻击
CLC Number:
GU Yan; ; QIANG Jiang; YING Mingfeng;. Research on Code Access Control Model Based on Evidence[J]. Computer Engineering, 2007, 33(13): 161-163,.
谷 虤;钱 江;应明峰;. 基于证据的代码访问控制机制研究[J]. 计算机工程, 2007, 33(13): 161-163,.