摘要
基于角色的访问控制模型(RBAC)凭借其灵活的授权机制、强大的管理功能和完善的安全策略越来越引起人们的研究兴趣,随着研究的不断深入,面向对象的研究方法也逐渐应用到这个模型中,促进了它的迅速发展。UML作为一种强大的建模语言,不只是局限于支持面向对象的分析与设计,还支持从需求分析开始的软件开发的全过程,通过UML的描述可以使理论模型更加直观地应用到实际系统开发。该文使用UML的对象约束语言(OCL)来描述RBAC中的相关约束,使约束描述更加标准化,更有利于系统开发人员对模型的理解和促进RBAC模型的系统开发。
Role-based access control Model is an enabling technology for authorization,managing and enforcing security in large -scale,enterprise -wide systems.The role -based access control has generated great interest among the model researchers and security policy developer.One of important aspects about RBAC is constraints.Although researchers have identified useful constraints using formal specification languages such as RCL2000to specify the constraints,but it is hard for system developer to understand.The Unified Modeling Language(UML )is a general-purpose visual modeling language in which we can specify,visualize,and document the components of a software system.Object Constraint Language(OCL)as the sub-language of UML should be a precise and unambiguous specification.
出处
《计算机工程与应用》
CSCD
北大核心
2003年第21期100-102,109,共4页
Computer Engineering and Applications
