摘要
提出了一种基于WWW的扩展RBAC模型 ,在用户和角色之间增加角色代理层 ,由客户端完成代理角色的功能 ,实现角色的动态分配和解决网络传输瓶颈问题 ,克服了标准的基于角色的访问控制模型应用于WWW环境的缺陷 .并探讨了以这种扩展RBAC模型为基础的互联网环境下的安全访问控制的实现 .这种安全访问控制方案能较好地适用于基于Web的应用系统 .
An extended rold-based access control model in the WWW environment is proposed. The extended RBAC model, acomplished by the client, adds the role-proxy mechanism between users and roles. The mechanism realizes the role authorization dynamically and solves the network transfer bottleneck problems and improves the performance of standard role-based access control model in the WWW environment. The implement of security access control module in WWW environment on the basis of the extended RBAC module is discussed in the paper, which also points out that this scheme can be well used in the application built on the Web pattern.
出处
《华中科技大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2002年第10期53-55,共3页
Journal of Huazhong University of Science and Technology(Natural Science Edition)
基金
国家高性能计算基金资助项目
