An Extended RBAC Model Based on Granular Logic

被引：1

作者：

Han Jian-min ^{[1
]}

Li Xi-yu ^{[1
]}

Yu Hui-qun ^{[2
]}

Tong Jun ^{[1
]}

机构：

[1] Zhejiang Normal Univ, Math Phys & Informat Engn Coll, Jinhua 321004, Peoples R China

[2] East China Univ Sci & Technol, Dept Comp Sci & Engn, Shanghai 200237, Peoples R China

来源：

2008 IEEE INTERNATIONAL CONFERENCE ON GRANULAR COMPUTING, VOLS 1 AND 2 | 2008年

关键词：

D O I：

10.1109/GRC.2008.4664701

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

RBAC(Role-Based Access Control) has been widely investigated and adopted for its simplicity and effectiveness. However there still exist some defects in it, including: (1) traditional RBAC does not consider time and context factors. (2) traditional RBAC only defines a simple logical relationship among roles and permissions, which makes it incompetent to solve authorization problem for large-scale dynamic systems. To remedy these defects, the paper introduces granular computing to RBAC and proposes G-P-BA C modeL G-RBAC granulates permissions and roles, and introduces time and context factors to them. The paper also defines elements' logical relationship in G-RBAC based on granular logic and realizes authorization decision-making by granular logic reasoning. The application examples show that G-RBAC can enhance flexibility of authorization, and realize fine grained access control effectively for large scale enterprise information system.

引用

页码：261 / +

页数：2

共 10 条

[1] Chakraborty S., 2006, SACMAT 2006. Proceedings of Eleventh ACM Symposium on Access Control Models and Technologies, P49
[2] Ferraiolo D. F., 2001, ACM Transactions on Information and Systems Security, V4, P224, DOI 10.1145/501978.501980
[3] Ferraiolo D.F., 1992, 15 NATL COMPUTER SEC, P554
[4] RT:: A role-based trust-management framework
Li, NH
Mitchell, JC
[J]. DARPA INFORMATION SURVIVABILITY CONFERENCE AND EXPOSITION, VOL I, PROCEEDINGS, 2003, : 201 - 212
[5] Liu Q., 2004, COMPUTER RES DEV, V41, P546
[6] Liu Qing, 2004, Chinese Journal of Computers, V27, P865
[7] MIAO BQ, 2007, GRANULE COMPUTATION
[8] Role based access control models
Sandhu, RS
Coyne, EJ
Feinstein, HL
Youman, CE
[J]. COMPUTER, 1996, 29 (02) : 38 - &
[9] Tang Liu-Ying, 2006, Chinese Journal of Computers, V29, P1419
[10] ZHAI QD, 2007, J SOFTWARE, V18, P2000

← 1 →