%0 Journal Article
%T Dynamic authorization scheme based on delegation in distributed system<br>基于委托的分布式动态授权策略
%A ZHANG Run-lian
%A WU Xiao-nian
%A DONG Xiao-sheSchool of Electronic
%A Information Engineering
%A Xi'an Jiaotong University
%A Xi'an Shaanxi
%A China
%A School of Information
%A Communication
%A Guilin University of Electronic Technology
%A Guilin Guangxi
%A National Laboratory for Modern Communication
%A Chengdu Sichuan
%A <br>张润莲
%A 武小年
%A 董小社
%J 计算机应用
%D 2008
%I 
%X Concerning the authority in distributed environment for collaboration, a dynamic authorization scheme was presented based on delegation and RBAC model. The scheme supports partial role delegation, by expanding element sets of RBAC model, enlarging static authorization operations, and allowing the delegator to create temporary delegation roles and assign others (the delegatee) to the particular roles. The scheme was implemented by three-level frameworks, and the operating process about how to authorize dynamically in delegation model was described. The application shows that the scheme can adapt to distributed and dynamic environment, and follow the least privilege principle.
%K access control
%K delegation
%K Role-Based Access Control (RBAC)
%K Public Key Infrastructure (PKI)
%K Privilege Management Infrastructure (PMI)<br>访问控制
%K 委托授权
%K 角色访问控制
%K 公钥基础设施
%K 特权管理基础设施
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=831E194C147C78FAAFCC50BC7ADD1732&aid=0B1A2EDF854CC693127426B7E8A517B4&yid=67289AFF6305E306&vid=D3E34374A0D77D7F&iid=B31275AF3241DB2D&sid=995E04834DE9F169&eid=5A64531D29896B77&journal_id=1001-9081&journal_name=计算机应用&referenced_num=0&reference_num=7