本文已被:浏览 1392次 下载 3879次
Received:March 20, 2013 Revised:April 10, 2013
Received:March 20, 2013 Revised:April 10, 2013
中文摘要: 为了更好地保护Web应用系统中敏感数据不被非法访问. 在传统的基于角色的访问控制模型基础上提出了由用户集合和数据访问权限构成的数据访问策略, 并将数据访问策略关联到功能, 通过对原有业务SQL解析, 使用行级访问权限对数据记录进行行级过滤, 再根据列级访问权限对数据记录相应属性进行屏蔽处理来进行数据安全访问控制, 并设计了数据安全访问控制的框架. 最后将该方案应用到新发地农产品供应链管理平台中, 验证了该方案的可行性和有效性.
Abstract:To protect sensitive data in Web applications from unauthorized access, a data access strategy consisting of user set and data access authority is proposed, which is based on traditional role based access control model. The data access strategy is related to function. After parsing the original business SQL, row-level-rules are applied to filter the data records in row level, and column-level-rules are applied to mask the corresponding attributes of the data records. A data security access control framework is designed. Finally, this strategy is implemented in the Agricultural Products Supply Chain Management System of Xinfadi, and the validity and effectiveness of the presented strategy is demonstrated.
文章编号: 中图分类号: 文献标志码:
基金项目:国家重点基础研究发展计划(973)(2009CB320704);国家高技术研究发展计划(863)(2012AA011204);国家科技支撑计划(2012BAH05F02)
引用文本:
唐建,徐罡,许舒人.一种数据级安全访问控制方案.计算机系统应用,2013,22(9):81-85,74
TANG Jian,XU Gang,XU Shu-Ren.A Solution of Data-Level Security Access Control.COMPUTER SYSTEMS APPLICATIONS,2013,22(9):81-85,74
唐建,徐罡,许舒人.一种数据级安全访问控制方案.计算机系统应用,2013,22(9):81-85,74
TANG Jian,XU Gang,XU Shu-Ren.A Solution of Data-Level Security Access Control.COMPUTER SYSTEMS APPLICATIONS,2013,22(9):81-85,74
