|
|
系统工程理论与实践 2002
An RBAC Model Using Digital Certificates
|
Abstract:
Role\|based access control is an effective approachto implement powerful access control for Intranet resource share to keep unauthorized event from happening. Based on the PKI and directory service of enterprise, we prompt a method to use X.509 certificate and attribute certificate to implement RBAC easily and flexibly. We analyze the problem of security and flexibility caused by only using X.509 certificate to implement RBAC, prompt the design of combined attribute certificate and give the implementation method of role assignment, permission assignment and role hierarchy.
