摘要: 传统的RBAC策略在企业用户数量剧增时,角色指派和权限维护成为系统管理员沉重的负担。为简化管理员的工作、规范安全策略,提出一种基于模糊的RBAC优化模型。使用位图矩阵进行角色信任度计算。将方差引入因素权重向量的调整策略,改进取大取小操作的局限性。对相似的用户聚类,在聚类中分享群体经验提高模型的精确性。为用户引入历史互斥权限表,实现带有责任分离约束的模糊RBAC模型。
Abstract: With the rapid increase of the enterprise users, it is a tiresome task for the system administrator to assign roles and maintain permissions in traditional Role-Based Access Control(RBAC) strategy. In order to simplify the administrator’s work and standardize security strategy, an optimized RBAC model based on fuzzy is proposed. Bitmap matrix is used for computing role’s trustworthiness. Variance is applied to adjust attribute weight vector to improve max-min operation’s limitation. By clustering similar users, group experience is shared among the users within the same cluster to improve the accuracy of the model. A fuzzy RBAC model with separation of duty constraint is implemented by enforcing a historical, mutual exclusive permission table for each user.
Key words:
Role-Based Access Control(RBAC),
clustering analysis,
separation of duty
王宇新, 田佳, 郭禾, 王政, 杨元生. 基于模糊的RBAC模型研究与优化[J]. 计算机工程, 2010, 36(13): 137-139.
WANG Yu-Xin, TIAN Jia, GUO He, WANG Zheng, YANG Yuan-Sheng. Research and Optimization of Fuzzy-based RBAC Model[J]. Computer Engineering, 2010, 36(13): 137-139.