###
计算机系统应用:2018,27(11):180-185
本文二维码信息
码上扫一扫!
可变动RBAC模型的密钥管理研究
蒋凡1, 魏弋翔2, 程绍银1
(1.中国科学技术大学 信息安全测评中心, 合肥 230027;2.中国科学技术大学 计算机科学与技术学院, 合肥 230027)
Key Management for Changeable RBAC System
JIANG Fan1, WEI Yi-Xiang2, CHENG Shao-Yin1
(1.Information Technology Security Evaluation Center, University of Science and Technology of China, Hefei 230027, China;2.School of Computer Science and Technology, University of Science and Technology of China, Hefei 230027, China)
摘要
图/表
参考文献
相似文献
本文已被:浏览 47次   下载 61
投稿时间:2018-03-22    修订日期:2018-04-18
中文摘要: 访问控制在一个信息安全系统中是一个基础的课题.RBAC (基于角色的访问控制模型,Role-Based Access Control)以不同的角色来定义用户,这些角色对应了不同的密级.这使得不同角色中的用户有不同的权限.基于这一点,密钥可以用来区分不同角色间的访问权限.随着人事和任务的变动,现有RBAC的结构也会发生变动.本文定义了线性、树形和有向环图三类RBAC模型,从线性结构出发,讨论角色中用户与密级发生的变化,推广至树形结构,提出了一种下级角色的密钥由上级角色的密钥决定的方法,可以有效地实现线性和树形可变动RBAC模型的密钥管理.
Abstract:RBAC model is a solution which defines users with different roles, and the roles are in different classes which mean the users with different roles have different permission. Usually, we can use secret keys to discriminate the different roles. However, the role in this access control model is a security class including some users. Changes will appear in this system with personnel changes frequently. Due to the keys are corresponding to the roles, how to update the keys in these frequent changes is the focus of this study. There are three kinds of model in RBAC, the linear model, the tree model, and Directed Acyclic Graph (DAG). This paper discusses the changes of users and security class from the linear and tree model. The problem in the method where the inferior keys are determined by the superior keys is also discussed. Thus, key management for changeable RBAC system is effectively realized.
文章编号:     中图分类号:    文献标志码:
基金项目:
引用文本:
蒋凡,魏弋翔,程绍银.可变动RBAC模型的密钥管理研究.计算机系统应用,2018,27(11):180-185
JIANG Fan,WEI Yi-Xiang,CHENG Shao-Yin.Key Management for Changeable RBAC System.COMPUTER SYSTEMS APPLICATIONS,2018,27(11):180-185

用微信扫一扫

用微信扫一扫