Abstract: In distributed database systems, controlling usage of data after it had been released to a different control domain from its provider becomes an important security issue. Aiming at this problem, this paper analyses the characteristics of Role-based Access Control model(RBAC) and Usage Control model(UCON), and proposes a novel secure model of distributed database based on usage control technology. It gives the composition and definition by using different access control policies on server-side and client-side. Analysis result shows that this model can be used as an effective solution for usage control enforcement in distributed database systems.

Key words: distributed database, access control, usage control, mutability, continuity

摘要： 针对分布式数据库系统中已发布数据难以控制的问题，结合基于角色访问控制模型(RBAC)和使用控制模型(UCON)的特点，提出一种基于UCON的分布式数据库安全模型。将分布式数据库分为服务器端和客户端，服务器端采用UCON策略，客户端采用RBAC策略。分析结果表明，该模型能有效控制分布式数据库系统中的数据。

关键词: 分布式数据库, 访问控制, 使用控制, 易变性, 持续性

CLC Number: 

• TP309