期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

RBAC策略冲突及其检测算法的研究 被引量:4

Research on RBAC Policy Conflict and Its Detection Algorithm
在线阅读 下载PDF
导出
摘要 针对RBAC模型在实施职责分离、最小特权等安全原则时引起的冲突问题,形式化定义5种RBAC策略冲突类型,分析策略冲突产生的原因,提出一种完整的策略冲突检测算法并进行仿真测试。结果表明,该算法能够有效检测定义的各类策略冲突,为RBAC策略冲突检测实施提供基础。 With respect to conflict problems raised when implementing security principals such as separation of duty, least privilege in RBAC, this paper formalizes five RBAC policy conflict types, discusses causing reasons, and proposes a conflict detecting algorithm as well as simulation results, which can effectively detect conflicts defined in this paper. The work in this paper provides the basis for implementation for RBAC conflict detection.
作者 程相然 陈性元 张斌 杨艳
机构地区 解放军信息工程大学电子技术学院
出处 《计算机工程》 CAS CSCD 北大核心 2010年第18期135-137,共3页 Computer Engineering
基金 国家"863"计划基金资助项目(2006AA01Z457 2009AA01Z438)
关键词 RBAC 策略 策略冲突 检测算法 RBAC policy policy conflict detection algorithm
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献6

  • 1Sandhu R,Coyne E,Feinstein H,et al.Role-based Access Control Model[J].IEEE Computer,1996,29(2):38-47.
  • 2Ferraiolo D,Sandhu R,Gavfila S,et al.Proposed NIST Standard for Role-based Access Control:Towards a Unified Standard[J].ACM Trans.on Information and System Security,2001,4(3):224-274.
  • 3ANSI,INCITS.ANSI/INCITS 359-2004 Information Technology-Role Based Access Control[S].2004.
  • 4Ahn G J,Sandhu R.Role-based Authorization Constraints Specification[J].ACM Trans.on Information and System Security,2000,3(4):207-226.
  • 5袁春阳,贺也平,何建波,周洲仪.具有冲突约束的RBAC模型的形式化规范与证明[J].计算机研究与发展,2006,43(z2):498-508. 被引量:2
  • 6吴迪,朱淼良,陈溪源,林建.分布式环境下基于RBAC互操作的安全检测[J].浙江大学学报(工学版),2007,41(9):1552-1556. 被引量:9

二级参考文献30

  • 1廖振松,金海,羌卫中.一种对IRBAC2000模型的改进方法[J].华中科技大学学报(自然科学版),2005,33(z1):292-295. 被引量:5
  • 2[1]R Sandhu,E J Coyne,H L Feinstein,et al.Role-based access control model.IEEE Computer,1996,29(2):38-47
  • 3[2]D F Ferraiolo,R Sandhu,S Gavrila.Proposed NIST standard for role-based access control.ACM Trans on Information and System Security,2001,4(3):224-274
  • 4[3]L Osborn,R Sandhu,Q Munawer.Configuring role-based access control to enforce mandatory and discretionary access control policies.ACM Trans on Information and System Security,2000,3(2):85-106
  • 5[4]J H Saltzer,M D Schroeder.The protection of information in computer systems.Proc of IEEE,1999,63(9):1278-1308
  • 6[5]C J Moon,W J Paik,Y G Kim,et al.The conflict detection between permission assignment constraints in role-based access control.The 1st SKLOIS Conf on Information Security and Cryptology,2005
  • 7[6]G J Ahn,R Sandhu.The RSL99 language for role-based separation of duty constraints.ACM Workshop on Role-Based Access Control,Fairfax,Virginia,USA,1999
  • 8[7]G J Ahn,R Sandhu.Role-based authorization constraints specification.ACM Trans on Information and System Security,2000,3(4):207-226
  • 9[8]G J Ahn,S P Hong,M E Shin.Reconstructing a formal security model.Information and Software Technology,Elsevier Science,2003,44(11):649-657
  • 10[9]M Nyanchama,S Osborn.The role graph model and conflict of interest.ACM Trans on Information System Security,1999,2(1):3-33

共引文献9

同被引文献29

引证文献4

二级引证文献11

计算机工程
2010年 第18期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部