论文部分内容阅读
针对工作流管理系统中动态多级T-RBAC模型对权限的动态调整没有严格的限制,对资源使用状态缺乏监督,进而引发系统授权效率低下、资源请求易陷入死锁、易引发拒绝服务攻击、系统响应速度慢等的问题,提出一种改进模型。增加权限管理者和资源管理者,权限管理者对工作流执行过程中权限的分配与调整进行监督,资源管理者对资源的使用状态进行动态管理与监控,与原有模型相比,新模型可以提高系统的响应效率,防止拒绝服务攻击,并能解决任务执行过程中的死锁问题,符合最小权限原则和职责分离原则。
The dynamic multi-level T-RBAC model in the workflow management system has no strict restriction on the dynamic adjustment of authority. It lacks supervision on the state of resource utilization, which leads to the inefficiency of system authorization and the resource request easy to fall into deadlock. It is easy to cause denial of service attack, System response slow and so on, put forward an improved model. Increase authority managers and resource managers and authority managers to supervise the distribution and adjustment of authority in the process of workflow implementation, and the resource managers can dynamically manage and monitor the use status of resources. Compared with the original model, the new model can Improve system response efficiency, prevent denial of service attacks, and can solve the problem of deadlock in the execution of the task, in line with the principle of least privilege and separation of duties.