摘要
针对传统的基于角色的访问控制模型在大型应用系统中存在角色数目巨大、临时授权管理繁琐等问题,提出了一种改进的基于组织结构的RBAC模型(IO-RBAC)。该模型规定角色只有在特定的组织部门中才能获取相应的权限,并能通过对特殊用户直接授权的方式实现临时授权。实际应用案例表明,该模型在减少角色数量的同时,提高了权限管理的灵活性。
The traditional RBAC model has some disadvantages in the use of large application system such as the large number of roles, numerous temporary access authorizations, and so on.To resolve these problems, an improved RBAC model, based on organization structure(IO-RBAC) is put forward.In this new model, roles are authorized only in given organizations, and temporary permission is carried out by authorizing to a special user.Application shows that IO-RBAC model not only reduce the number of roles but also improve the flexibility of permission management.
出处
《计算机工程与设计》
CSCD
北大核心
2009年第23期5340-5343,共4页
Computer Engineering and Design
基金
国家自然科学基金项目(60773055)
江西省卫生厅科技计划基金项目(ID20071995)
关键词
基于角色的访问控制
角色
访问控制
组织结构
权限管理
RBAC(role-based access control)
role
access control
organizational structure
permission management
