OALib Journal期刊
ISSN: 2333-9721
费用：99美元

投递稿件

查看量	下载量

相关文章
更多...

电子学报 2013

面向企业级流程的职责分离框架及其冗余分析

DOI: 10.3969/j.issn.0372-2112.2013.10.033, PP. 2087-2093

翟治年,卢亚辉,奚建清,赵铁柱,汤德佑,顾春华

Keywords: 访问控制,任务,角色,细粒度职责分离,冗余约束

Full-Text Cite this paper Add to My Lib

Abstract:

为企业级工作流授权机制定义了多维可泛化的职责分离框架,能够对团队任务涉及的多种分工形式进行深入全面的限制.系统分析了框架中的约束覆盖规则,并证明其正确性和完备性,为约束管理自动化奠定了基础.作为应用,根据规则给出了冗余动态约束的检测算法.最后通过案例研究验证了模型特性.

References

[1]	V Kolovski,J Hendler,B Parsia.Analyzing web access conttrol policies [A].Proceedings of the 16th International Conference on World Wide Web [C].Banff,Alberta,Canada,2007.677-686.
[2]	S Oh,S Park.Task-role based access control model[J].Journal of Information Systems,2003,28(6):533-562.
[3]	邢光林,洪帆.基于角色和任务的工作流授权模型及约束描述[J].计算机研究与发展,2005,(11):1946-1953. Xing G,Hong F.A workflow authorization model based on role and task and constraints specification[J].Computer Research and Development,2005,42(11):1946-1953.(in Chinese)
[4]	E Bertino,E Ferrari,V Atluri.The specification and enforcement of authorization constraints in workflow management systems[J].ACM Transaction on Information System Security,1999,2(1):65-104.
[5]	李凤华,苏,史国振,等.访问控制模型研究进展及发展趋势[J].电子学报,2012,40(4):805-813. Li F,Su M,Shi G,et al.Research status and development trends of access control model[J].Acta Electronica Sinica,2012,40(4):805-813.(in Chinese)
[6]	翟治年,卢亚辉,等.增强伸缩性的主被动集成访问控制模型[J].计算机集成制造系统,2011,17(8):1609-1623. Zhai Z,Lu Y,et al.Scalability enhanced active-passive-integrated access control model[J].Computer Integrated Manufacturing Systems,2011,17(8):1609-1623.(in Chinese)
[7]	Wu S,A Sheth,J Miller J,et al.Authorization and access control of application data in workflow systems[J].Journal of Intelligent Information Systems,2002,18(1):71-94.
[8]	翟治年,奚建清,等.主动授权管理中的关联继承机制[J].西安交通大学学报(自然科学版),2012,46(4):24-31. Zhai Z,Xi J,et al.Association inheritance mechanism in active authorization management[J].Journal of Xi''an Jiaotong University (Natural Science),2012,46(4):24-31.(in Chinese)
[9]	Wang Q,Li n.Satisfiability and resiliency in workflow authorization systems[J].ACM Transactions on Information and System Security,2010,13(4):1-35.
[10]	J Wainer,P Barthelmess,A Kumar.W-rbac─a workflow security model incorporating controlled overriding of constraints[J].International Journal of Cooperative Information Systems,2003,12(4):455-485.
[11]	Liu D,Wu M,Lee S.Role-based authorizations for workflow systems in support of task-based separation of duty[J].Journal of Systems and Software,2004,73(3):375-387.
[12]	王小明,付红,张立臣.基于属性的访问控制研究进展[J].电子学报,2010,38(7):1660-1667. Wang X,Fu H,Zhang L.Research progress on attribute-based access control[J].Acta Electronica Sinica,2010,38(7):1660-1667.(in Chinese)
[13]	王雅哲,冯登国.一种XACML规则冲突及冗余分析方法[J].计算机学报,2009,32(3):516-530. Wang Y,Feng D.Conflict and redundancy analysis method for xacml rules[J].Chinese Journal of Computers,2009,32(3):516-530.(in Chinese)

Contact Us

service@oalib.com

WhatsApp +8615387084133