计算机应用 ›› 2012, Vol. 32 ›› Issue (12): 3422-3425.DOI: 10.3724/SP.J.1087.2012.03422

• 信息安全 • 上一篇    下一篇

多域环境下安全互操作研究

叶春晓,郭东恒   

  1. 重庆大学 计算机学院,重庆 400044
  • 收稿日期:2012-06-11 修回日期:2012-07-26 发布日期:2012-12-29 出版日期:2012-12-01
  • 通讯作者: 郭东恒
  • 作者简介:叶春晓(1973-),男,重庆人,教授,博士,主要研究方向:访问控制、数据库、软件工程;〓郭东恒(1987-),男,山东平原人,硕士研究生,主要研究方向:访问控制、策略合成。

Research on secure interoperation in multi-domain environment

YE Chun-xiao,GUO Dong-heng   

  1. School of Computer Science, Chongqing University, Chongqing 400044,China
  • Received:2012-06-11 Revised:2012-07-26 Online:2012-12-29 Published:2012-12-01
  • Contact: GUO Dong-heng

摘要: 基于角色的访问控制(RBAC)实现域间互操作的访问控制策略主要是采取角色映射的方法。针对角色在域间映射过程中,没有考虑同一角色对不同域的作用程度和域与域之间互信级别不同的问题。提出角色映射阈值属性和域阈值属性的概念,一定程度上解决了同一角色对不同域的作用程度和域与域间信任级别不同的问题,为不同组织域间实现互操作实现更加细粒度的访问控制,进一步提高了域间互操作的安全性。

关键词: 信息安全, 访问控制, 多域, 角色的访问控制

Abstract: The role-based access control policy is mainly to take the role mapping to achieve inter-domain interoperability. The role mapping does not consider the extent of the same role of impact on different domains, and different level of mutual trust between one domain and the other domain. Role mapping properties of the threshold and domain properties of the threshold were proposed, to solve the different problems of the same role on different domains and inter-domain trust level, and the different domains were organized in a more fine-grained access control, thus further improving the inter-domain interoperability security issues.

Key words: information security, access control, multi-domain, Role-Based Access Control (RBAC)

中图分类号: