
OWL-based RB-RBAC Policy Definition and Reasoning (cited by: 2)
Abstract: An ontology-based approach to defining the authorization policies of the RB-RBAC model is proposed. The approach can define complex attribute expressions, supports multiple types of attribute values, and lets the partial-order (quasi-order) relations among attribute values and the hierarchy among roles be defined directly in the OWL-style policies. Attribute expressions with different syntactic structures can also be compared, to discover relationships that may exist between different authorization rules. With the support of an OWL reasoner, in addition to access control decision reasoning, the seniority (priority) relations between authorization rules can be determined, and policy conflicts among related rules can be detected by consistency checking.
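Source: Journal of Jilin University:Science Edition (indexed in CAS, CSCD, and the Peking University Core Journals list), 2006, No. 5, pp. 754-759 (6 pages)
Funding: National Natural Science Foundation of China (Grant No. 60373098); Jilin University "985" Project Fund
Keywords: Web Ontology Language (OWL); RB-RBAC model; authorization policy; attribute expression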
