期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

侵略型中国墙安全模型的RBAC配置的扩展研究 被引量:1

Research of enhanced Chinese Wall security policy—Aggressive model on RBAC
在线阅读 下载PDF
导出
摘要 中国墙安全模型是商业信息安全领域中的一个重要的安全策略模型,但是它缺少有效的实施模型和机制。研究了侵略型中国墙安全模型的利益冲突关系、数据组织等,分析了基于角色的访问控制(RBAC)模型的控制机制,利用RBAC的"策略中性"原理,配置RBAC实施侵略型中国墙安全模型,并举例配置了拥有5个有利益冲突公司的RBAC模型。通过对RBAC的配置,使得侵略型中国墙安全模型可以更加方便有效地实施。 Chinese Wall security model is an important model of security policy in the field of business information security, but it lacks the effective implementation model and the mechanism.Firstly, this paper studies the conflict of interest relations, database organization, etc. of Chinese Wall security policy-An aggressive model.Then the control mechanism of the RBAC model is analyzed.Furthermore, using "the strategy neutrality" of the RBAC model, RBAC is disposed to implement Chinese Wall security policy-An aggressive model.Finally, an example to dispose RBAC model is given,in which five compa- nies have the conflict of interest relations.Chinese Wall security policy-An aggressive model can be more convenient and effective by configuring this model on RBAC.
作者 张毅辉 梁久祯
机构地区 江南大学信息工程学院
出处 《计算机工程与应用》 CSCD 北大核心 2010年第29期114-116,共3页 Computer Engineering and Applications
基金 江苏省自然科学基金No.BK20080544~~
关键词 侵略型 中国墙 基于角色的访问控制(RBAC) 角色 访问控制 aggressive Chinese Wall Role-Based Access Control(RBAC) role access control
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献6

二级参考文献24

  • 1HAN Lan-sheng,HONG Fan,Asiedu Baffour Kojo.Least Privileges and Role’s Inheritance of RBAC[J].Wuhan University Journal of Natural Sciences,2006,11(1):185-187. 被引量:3
  • 2L Snyder. Formal Models of Capability-based Protection Systems[ J].IEEE Transactions on Computers, 1981,30(3 ) :172-181.
  • 3R Sandhu, E Coyne, H Feinstein. Role-based Access Control Models[ J]. IEEE Computer, 1996,29 (6) :38-47.
  • 4D Ferraiolo, R Sandhu,et al. Proposed NIST Standard for Role-based Access Control [ J ]. ACM Transactions on Information and System Security(TISSEC) ,2001,4(3) :224-274.
  • 5R Thomas, R Sandhu. Task-Based Authorization Controls(TBAC) : A Family of Models for Active and Enterprise-Oriented Authorization Management[ C]. Lake Tahoe, CA: Proceedings of the 11th IFIP WG11.3 Conference on Database Security, 1997.
  • 6Gail-Joon Ahn, Myong Kang,et al. Injecting RBAC to Secure a Webbased Workflow System[ C]. ACM RBAC, 2000.
  • 7Sejong Oh, Seog Park. Task-role-based Access Control Model[ J ]. Information System, 2003, 28 : 533-562.
  • 8J Park, R Sandhu. Towards Usage Control Models: Beyond Traditional Access Control[ C]. Proceedings of the 7th ACM Symposium on Access Control Models and Technologies,2002.
  • 9R Sandhu, J Park. Usage Control : A Vision for Next Generation Access Control, MMM-ACNS [ EB/OL]. http://www. list. gmu. edu/conference_papers, htm, 2003.
  • 10Sonera Piazza Ltd MediaLab. Digital Rights Management. White Paper[ EB/OL]. http://www. medialab. sonera. fr/workspace./ DRM-WhitePaper. pdf, 2002.

共引文献108

同被引文献14

  • 1何永忠,李晓峰,冯登国.RBAC实施中国墙策略及其变种的研究[J].计算机研究与发展,2007,44(4):615-622. 被引量:10
  • 2Crampton J.Specifying and enforcing constraints in role-basedaccess control[C]∥Proceedings of the eighth ACM symposium on Access control models and technologies.ACM,2003:43-50.
  • 3Brewer D F C,Nash M J.The chinese wall security policy[C]∥Proceedings of IEEE Computer Society Symposium on Research in Security and Privacy.1989:215-228.
  • 4Ahn G J,Sandhu R.Role-based authorization constraints specification[J].ACM Transactions on Information and System Securi-ty (TISSEC),2000,3(4):207-226.
  • 5INCITS A.INCITS 359-2004,American national standard forinformation technology,role based access control[S].NewYork:ANSI INCITS,2004.
  • 6Helil N,Kim M,Han S.Trust and Risk based Access Controland Access Control Constraints[J].KSII Transactions on Internet & Information Systems,2011,5(11):2254-2271.
  • 7Sharifi A,Tripunitara M V.Least-restrictive enforcement of the Chinese wall security policy[C]∥Proceedings of the 18th ACM Ssymposium on Access Control Models and Technologies.ACM,2013:61-72.
  • 8Bijon K Z,Krishman R,Sandhu R.Constraints Specication inAttribute Based Access Control[J].Science,2013,2(3):131-144.
  • 9Tsai T H,Chen Y C,Huang H C,et al.A practical chinese wall security model in cloud computing[C]∥2011 13th Asia-Pacific Network Operations and Management Symposium (APNOMS).IEEE,2011:1-4.
  • 10Priebe T,Fernandez E B,Mehlau J I,et al.A pattern system for access control[M]∥Research Directions in Data and Applications Security XVIII.Springer US,2004:235-249.

引证文献1

计算机工程与应用
2010年 第29期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部