%0 Journal Article
%T Using RBAC-based Approach to Integrate Access Control Policies in Legacy Systems
用基于RBAC的方法集成遗产系统的访问控制策略
%A LI Han
%A GUO He
%A WANG Yu-xin
%A LU Guo-ji
%A YANG Yuan-sheng
%A
李 寒
%A 郭 禾
%A 王宇新
%A 陆国际
%A 杨元生
%J 计算机科学
%D 2011
%I
%X Access control whose objective is to ensure the security of accessing to resources in software systems is an essential part for software systems. As access control policies in legacy systems seldom based on roles are represented in various forms, an RI3AC-based approach was proposed to integrate these access control policies. I}he approach maps permission of legacy systems to tasks of integrated system. Based on task trees and transformation rules of access control policy, various access control policies were reorganized in a unified form. Moreover, management rules were provided to achieve further authorization. A case study is demonstrated to depict the proposed approach is a feasible solution to integrate legacy access control policies and introduce RI3AC into legacy systems.
%K Role based access control
%K Access control policy
%K Legacy system
%K Integration
%K Task
基于角色的访问控制,访问控制策略,遗产系统,集成,任务
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=64A12D73428C8B8DBFB978D04DFEB3C1&aid=3FDBEA69C21D71CD47320F5945BB39BB&yid=9377ED8094509821&vid=16D8618C6164A3ED&iid=DF92D298D3FF1E6E&sid=6FBD78E3BAB60869&eid=45CF2F8D957ADEB1&journal_id=1002-137X&journal_name=计算机科学&referenced_num=0&reference_num=9