|
|
计算机应用研究 2010
Active authorization rules for enforcing RBAC with spatial characteristics
|
Abstract:
To meet security policy or role structure changes, systems or models should provide a flexible mechanism for enforcing role-based access control (RBAC) with spatial characteristics in a seamless way. This paper used on-when-then-else authorization rules for enforcing RBAC with spatial characteristics. And showed the mapping between the basic elements in RBAC with spatial characteristics and the OWTE rule specification. Established OWTE rules as an enforcement mechanism, which could realize role-based constraints with spatial characteristics at different granularities and make RBAC with spatial characteristics usable in diverse domains. Finally discussed briefly how these authorization rules could be automatically generated from security policies using RBAC with spatial characteristics.
