To manage privileges in systems with multiple application layers and to exploit the advantages of RBAC in security management, Multi-RBAC, an RBAC model that can be applied in all application layers, was presented. It was applied to every application layer of a system to protect the resources in the different layers. Because roles were defined by resource privileges in the different layers, Multi-RBAC made the classification of roles more reasonable, the granularity finer, and the least-privilege principle easier to realize. Furthermore, all security requirements can be satisfied with the help of other advanced RBAC models. In practice, a security management system for CIMS was developed and applied successfully, which showed that the model is feasible.