Abstract: This paper proposes an organization-structure-oriented administration scheme for OSOAC model according to the different administration requests of the static components and the dynamic components of OSOAC model in enterprise environment. The static components of OSOAC model are centralized initialized to assure that the security policy is consistent and privilege management is controllable in different organization domains, and the dynamic components are decentralized administrated based on the hierarchy relation of organization domains to assure that the administrative frame corresponds with real enterprise structure.

Key words: access control, OSOAC model, administration, organization domain

摘要： 针对面向组织结构的访问控制模型静态组件和动态组件在企业环境下的不同管理需求，设计该模型的面向组织结构管理方案。对其中的静态组件集中配置，确保各组织域安全策略的一致性和权限管理的可控性。基于面向组织结构访问控制策略的应用优势，以组织域层次关系为基础对动态组件进行分散管理，实现管理架构与企业实际组织架构的对应。

关键词: 访问控制, 面向组织结构的访问控制模型, 管理, 组织域

CLC Number: 

• N945