Abstract: Rule set based access control (RSBAC) based on the generalized framework for access control (GFAC), is an open source security extension for Linux kernels. This paper presents the RSBAC system architecture, outlines the RSBAC characteristic and studies one of the RSBAC security policy components——role compatibility module. It analyzes the fundamental theory, and by offering the application on Apache illuminates the implement and application of the RC module.

Key words: Security model, Network security, Access control, Role

摘要： 基于角色集的访问控制(RSBAC)是以通用访问控制结构(GFAC)为基础，对Linux内核进行安全扩展的开源访问控制方法。介绍了RSBAC理论及其主要特征，并在此基础上研究了RSBAC中的角色兼容(RC)决策模块。分析了RC模块的基本原理，以在Apache上的应用为例，介绍了RC模块的实现方法及应用过程。

关键词: 安全模块, 网络安全, 访问控制, 角色

CLC Number: 

• TP316