扩展的基于属性的访问矩阵模型
穆玲玲;张韶松
【期刊名称】《计算机工程与设计》 【年(卷),期】2012(033)010
【摘要】针对传统访问矩阵模型的不足,提出了一种扩展的基于属性的访问矩阵模型.该模型以主体属性、客体属性、时间属性为参数,按照一定的授权规则来授权,授权规则是根据用户的需求而制定的.授权模型的提出和授权规则的灵活制定保证了访问矩阵能够灵活多样的赋予主体权限,弥补了传统访问矩阵的不足,并很好的适应当前的复杂情况.通过模型的理论设计,表明了模型的可行性.%Aimed at the shortcomings of the traditional access control model, an extended attribute-based assecc control model is proposed. This model uses parameters, including subject attributes, object attributes and time attributes , and authorization rules to complete authorization. Authorization rules are built according to the users' requirements. Authorization model and flexibility of building authorization rules guaranteed the access control can flexibly assign rights to subject that made up the shortcomings of the traditional access control and is very suitable for current complex situation. The implementation of the model proves its feasibility.
【总页数】5页(3797-3800,3806)
【关键词】信息安全;属性;访问控制;授权模型;访问矩阵 【作者】穆玲玲;张韶松
扩展的基于属性的访问矩阵模型
