• Article
  • | |
  • Metrics
  • |
  • Reference [1]
  • |
  • Related [20]
  • |
  • Cited by [86]
  • | |
  • Comments
    Abstract:

    One of the most challenging problems in managing large computer software systems on global network is the complexity of security administration. The RBAC (role-based access control) method shows powerful capability on access control by realizing logical separation between users and permissions and constructing role hierarchies. This paper presents a role hierarchy model EHRBAC (extended hierarchy role-based access control) based on RBAC96, which defines common permissions and private permissions and imports normal inheritance and extended inheritance. Based on EHRBAC, the authors realize the security administration for the Petrochemical Market Information System. The EHRBAC model can specify the complex inheritance of roles and simplify their relation hierarchies. It minimizes the role access permissions by the separation of private permissions from common permissions.

    Reference
    1  Ferraiolo D F, Kuhn R. Role-Based access control. In: Proceedings of the 15th National Computer Security Conference. Baltimore, MD, 1992. 554~563, http://hissa.ncsl.nist.gov/kuhn/ 2  Sandhu R, Samarati P. Access control: principles and practice. IEEE Communications, 1994,32(9):40~48 3  Ramaswamy C, Sandhu R. Role-Based access control features in commercial database management systems. In: Proceedings of the 21st National Information Systems Security Conference. Virginia: U.S. Government Printing Office, 1998, http://www.list.gmu.edu/conferen.htm 4  Sandhu R, Coyne E J, Feinstein H L et al. Role-Based access control models. IEEE Computers, 1996,29(2):38~47 5  Sandhu R. Rationale for the RBAC96 family of access control models. In: Proceedings of the 1st ACM Workshop on Role-Based Access Control. ACM, 1997. http://www.list.gmu.edu/conferen.htm
    Comments
    Comments
    分享到微博
    Submit
Get Citation

钟华,冯玉琳,姜洪安.扩充角色层次关系模型及其应用.软件学报,2000,11(6):779-784

Copy
Share
Article Metrics
  • Abstract:4575
  • PDF: 5112
  • HTML: 0
  • Cited by: 0
History
  • Received:March 16,1999
  • Revised:June 07,1999
You are the first2033369Visitors
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4
Address:4# South Fourth Street, Zhong Guan Cun, Beijing 100190,Postal Code:100190
Phone:010-62562563 Fax:010-62562533 Email:jos@iscas.ac.cn
Technical Support:Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063