Abstract: In order to resolve the problem of safety analysis for Usage Control with delegation feature, this article first formalized the delegation process for its one child model, pre-authorization model; the security of a general UCONpreA model with delegation feature was undecidable through analysis, by means of constructing a finite state machine, the security of a constrained UCONpreA model with delegation feature was proved decidable; lastly, the traditional role based delegation model was simulated successfully using the constrained model. This research enhances the expression power of UCON even further, and ensures its safety effectively.

Key words: usage control, safety analysis, finite state machine, delegation, RBDM0

摘要： 针对使用控制模型（Usage Control, UCON）中加入委托功能后安全分析愈加复杂的问题，本文首先形式化地表达了其子模型—使用前授权（UCONpreA）的委托过程，通过分析证明了一般带有委托功能的UCONpreA模型的安全性是不可确定的，然后通过构造有限状态机的方法证明了一个受约束的带有委托功能的UCONpreA模型的安全性是可确定的，最后利用该约束模型成功地表达了传统的基于角色的委托模型（RBDM0）。本研究进一步增强了UCON的表达能力，并有效保证其安全性。

关键词: 使用控制, 安全性分析, 有限状态机, 委托, 基于角色的委托模型