General Attribute Based RBAC Model for Web Services 被引量：3

General Attribute Based RBAC Model for Web Services

在线阅读下载PDF

导出

摘要 Growing numbers of users and many access policies that involve many different resource attributes in service-oriented environments cause various problems in protecting resource. This paper analyzes the relationships of resource attributes to user attributes based on access policies for Web services, and proposes a general attribute based role-based access control（GARBAC） model. The model introduces the notions of single attribute expression, composite attribute expression, and composition permission, defines a set of elements and relations among its elements and makes a set of rules, assigns roles to user by inputing user＇s attributes values. The model is a general access control model, can support more granularity resource information and rich access control policies, also can be used to wider application for services. The paper also describes how to use the GARBAC model in Web services environments. Growing numbers of users and many access policies that involve many different resource attributes in service-oriented environments cause various problems in protecting resource. This paper analyzes the relationships of resource attributes to user attributes based on access policies for Web services, and proposes a general attribute based role-based access control（GARBAC） model. The model introduces the notions of single attribute expression, composite attribute expression, and composition permission, defines a set of elements and relations among its elements and makes a set of rules, assigns roles to user by inputing user＇s attributes values. The model is a general access control model, can support more granularity resource information and rich access control policies, also can be used to wider application for services. The paper also describes how to use the GARBAC model in Web services environments.

作者 ZHU Yiqun LI Jianhua ZHANG Quanhai

机构地区 Department of Electronic Engineering

出处《Wuhan University Journal of Natural Sciences》 CAS 2008年第1期81-86,共6页 武汉大学学报（自然科学英文版）

基金 Supported by the National Natural Science Foundation of China (60402019, 60772098 and 60672068)

关键词 ATTRIBUTE RULE user-role assignment role-based access control （RBAC） access policy attribute rule user-role assignment role-based access control （RBAC） access policy

分类号 TP393 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献10

1Ye Chunxiao,Wu Zhongfu.An Attribute-Based Delegation Model and Its Extension[].Journal of Research and Prac- tice in Information Technology.2006
2Sandhu R S,Coyne E J,Feinstein H L, et al.Role-Based Ac- cess Control Models[].IEEE Computer.1996
3Mohammad A,Al-Kahtani H,Ravi S.A Model for Attrib- ute-Based User-Role Assignment[].Proceedings of the th Annual Computer Security Applications Conference.2002
4Mohammad A,Al-Kahtani H,Ravi S.Induced Role Hierar- chies with Attribute-Based RBAC[].Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies.2003
5Mohammad A,Al-Kahtani H,Ravi S.Rule-Based RBAC with Negative Authorization[].Proceedings of the th Annual Computer Security Applications Conference (ACSAC‘).2004
6Kern A,Walhorn C.Rule Support for Role Based Access Control[].Proceedings th ACM Symposium on Access Control Models and Technologies(SACMAT’).2005
7Yuan E,Tong J.Attributed Based Access Control (ABAC) for Web Services[].Proceedings of the IEEE International Conference on Web Services (ICWS’).2005
8Liu Miao,Guo Heqing,Su Jindian.An Attribute and Role Based Access Control Model for Web Services[].Proceedings of the Fourth International Conference on Machine Learning and Cybernetics.2005
9Kapsalis V,Hadellis L,Karelis D, et al.A Dynamic Con- text-Aware Access Control Architecture for E-Services[].Computers & Security.2006
10Shen Haibo,Hong Fan.An Attribute-Based Access Control Model for Web Services[].Proceedings of the th Interna- tional Conference on Parallel and Distributed Computing Applications and Technologies (PDCAT‘).2006

同被引文献80

1赵宇.如何推进企业文档管理工作的思考[J].中国商界,2009(5):231-232. 被引量：4
2WANG Xiaoming,ZHAO Zongtao.A Service Oriented Voting Authorization Model[J].Chinese Journal of Electronics,2006,15(1):37-40. 被引量：2
3刘伟,朱一凡,魏洪涛.工作流技术在办公自动化中的应用[J].计算机工程与设计,2006,27(7):1308-1310. 被引量：16
4徐驰,徐燕凌.Ajax模式在异步交互Web环境中的应用[J].计算机技术与发展,2006,16(11):228-230. 被引量：27
5卢成均.通用集中式文档管理系统的设计与实现[J].计算机工程与设计,2006,27(24):4792-4796. 被引量：3
6M LeMay,O Fatemieh,C A Gunter.PolicyMorph:interactive policy transformations for a logical attribute-based access control framework[A].Proceedings of the 12th ACM Symposium on Access Control Models and Technologies[C].New York:ACM,2008.205-214.
7V Kolovski,J Hendler,B Parsia.Analyzing web access control policies[A].Proceedings of the 16th International Conference on World Wide Web[C].New York:ACM,2007.677-686.
8E Yuan,J Tong.Attributed based access control (ABAC) for web services[A].Proceedings of the IEEE International Conference on Web Services[C].Washington:IEEE Computer Society,2005.561-569.
9C Ye,Z Wu,Y Fu.An attribute-based delegation model and its extension[J].Journal of Research and Practice in Information Technology,2006,38 (1):3-17.
10J Michael,R Manoj.A contextual attribute-based access control model[A].Proceedings of 2006 Workshops on the Move to Meaningful Internet Systems[C].Berlin:Springer,2006.1996-2006.

引证文献3

1王小明,付红,张立臣.基于属性的访问控制研究进展[J].电子学报,2010,38(7):1660-1667. 被引量：84
2黄静,王枫,谢志新,肖炳甲.EAST文档管理系统的设计与实现[J].计算机技术与发展,2014,24(7):13-16. 被引量：4
3岳玮,王凤英.基于改进K-Means算法的ABAC模型优化[J].山东理工大学学报（自然科学版）,2017,31(4):9-12.

二级引证文献88

1张伟,张梦媛,王汝传.一种基于浏览器对象的多属性安全标签算法[J].计算机研究与发展,2012,49(S2):39-45.
2谷德丽,马春光,汪定,郭金生.基于密码技术的涉密信息系统安全防护框架研究[J].保密科学技术,2012,0(10):60-63. 被引量：1
3郭树行,张禹,王坚.基于情景演算的物联网访问控制模型[J].中南大学学报（自然科学版）,2013,44(S1):176-180. 被引量：2
4盖新貌,沈昌祥,刘毅,周明.基于属性访问控制的CSP模型[J].小型微型计算机系统,2011,32(11):2217-2222. 被引量：11
5常彦德.基于角色的访问控制技术研究进展[J].计算机与现代化,2011(12):5-8. 被引量：12
6谢卫星.基于XACML的用户角色自动指派[J].计算机与现代化,2012(4):79-81.
7李凤华,苏铓,史国振,马建峰.访问控制模型研究进展及发展趋势[J].电子学报,2012,40(4):805-813. 被引量：128
8翟浩良,韩道军,李磊.基于情景演算的动态访问控制模型[J].计算机科学,2012,39(6):35-39. 被引量：2
9谢卫星.一种基于属性的用户角色自动指派研究[J].微计算机信息,2012(9):255-256.
10许鑫.基于访问控制模型实现银行网络安全目标[J].计算机技术与发展,2012,22(10):173-176. 被引量：1

1CHEN Jiangang,WANG Ruchuan,WANG Haiyan.The RBAC Model Integrated with Policy in Grid Environment[J].Chinese Journal of Electronics,2006,15(4):588-592.
2ZHENG Hua.Design and Implementation of RBAC Model Based on Graduate Education Management System[J].International English Education Research,2016(2):49-51.
3单智勇,孙玉芳.一个应用于操作系统的RBAC模型及其实施[J].计算机研究与发展,2004,41(2):287-298. 被引量：11
4毛碧波,孙玉芳.角色访问控制[J].计算机科学,2003,30(1):121-123. 被引量：37
5HONGFan ZHUXian XINGGuanglin.Distributed Role-based Access Control for Coaliagion Application[J].Geo-Spatial Information Science,2005,8(2):138-143.
6韩伟力,陈刚,尹建伟,董金祥.Consistency maintenance for constraint in role-based access control model[J].Journal of Zhejiang University Science,2002,3(3):292-297. 被引量：3
7刘伟,孙玉芳.基于角色访问控制模型及其在操作系统中的实现[J].计算机科学,2003,30(8):166-168. 被引量：9
8朱一群,李建华,张全海.A General Attribute and Rule Based Role-Based Access Control Model[J].Journal of Shanghai Jiaotong university(Science),2007,12(6):719-724.
9WANGZhi-gang LUZheng-ding LIRui-xuan WUWei WANGXiao-gang.TrustedRBAC——A Distributed Authorization Infrastructure Span Multiple Autonomous Domains[J].Wuhan University Journal of Natural Sciences,2004,9(5):694-698.

Wuhan University Journal of Natural Sciences

2008年第1期

浏览历史

内容加载中请稍等...

General Attribute Based RBAC Model for Web Services 被引量：3

参考文献10

同被引文献80

引证文献3

二级引证文献88

相关作者

相关机构

相关主题

浏览历史