论文部分内容阅读
针对传统RBAC模型的不足,在对文献中改进的模型进行了分析、研究的基础上,提出了增加约束策略和配置个性化操作界面的扩展模型——MC-RBAC,给出了模型的形式化定义,同时对该模型进行了设计实现,并在具体的信息系统开发中得以应用。实践表明,扩展后的模型能够实现操作和对象权限的细粒度控制,同时也实现了根据不同的角色自动配置不同功能的操作界面,提高了系统的安全性和配置的灵活性。
Aiming at the deficiency of the traditional RBAC model, based on the analysis and research of the improved model in the literature, a new extended model named MC-RBAC with constraint strategy and personal interface is proposed. The formalization of the model is given Definition, at the same time the design of the model has been implemented, and in the development of specific information systems to be applied. Practice shows that the extended model can achieve the fine-grained control of the operation and the object rights, meanwhile, the operation interface of different functions can be automatically configured according to different roles, thereby improving the security of the system and the flexibility of the configuration.