机构地区: 河南大学
出 处: 《河南大学学报(自然科学版)》 2013年第1期85-90,共6页
摘 要: 基于角色的访问控制模型(RBAC)是一种常用的访问控制模型,但是由于现有的角色及其权限之间的关系由人工指定,导致成本较高且有可能存在权限分配不合理的情况,容易带来安全隐患.针对此问题,引入完备信息系统的信息粒度度量方法,结合访问控制的基本原则对需求中角色及权限信息的不确定性进行分析,作为系统需求的一种反馈与度量,为系统的信息使用提供帮助.最后,通过实验验证了该方法的有效性. Role based access control is a popular access control model,where relations between roles are assumed to have been built by humans beforehand at present.However,building these relations is time-consuming and brings to some unsafe factors,even for experts.In this paper,we combine information granularity of complete information system and basic principles of access control to analyze the uncertainty of role relations,which could be regarded as a feedback and evaluation of system requirement to make help in information usage.In the end,our experimental results show that our algorithm is effective.
领 域: [自动化与计算机技术] [自动化与计算机技术]