基于任务的访问控制.pdfVIP

1000-9825/2003/14(01)0076 ©2003 Journal of Software 软 件 学 报 Vol.14, No.1 基于任务的访问控制模型 + 邓集波 , 洪 帆 (华中科技大学 计算机科学与技术学院 数据安全与保密实验室,湖北 武汉 430074) Task-Based Access Control Model + DENG Ji-Bo , HONG Fan (Laboratory of Data Security and Cryptology, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074, China) + Corresponding author: Phn: 86-27 E-mail: dengjb303@163.com Received 2001-06-22; Accepted 2001-09-18 Deng JB, Hong F. Task-Based access control model. Journal of Software, 2003,14(1):76~82. Abstract : Nowadays, all access control models take a system-centric view of protecting resources, and they don’t take the context into account when controlling the permissions. However, with the development of databases, networking, and distributed computing, it causes people to shift the focus on security issues from the protection of individual objects and subjects in isolated computer systems, to the protection of dynamically authorization with different task. In this paper, an access control mechanism called TBAC (task-based access control) is introduced, which models from the tasks in workflow and dynamically manage the permissions through tasks and tasks ’ status. The TBAC is well suited for distributed computing, information processing activities with multiple points of access, and decision making in workflow and distributed process and transaction management system. The basic concepts of TBAC are introduced and a formalization description and an analysis are given. It is clear that TBAC will be used widely in many fields, such as OA, business, and so on. Key words : task-based access control; active security model; task; workflow 摘 要: 目前的访问控制模型都是从系统的角度出发去保护资源,在进行权限的控制时没有考虑执行的上下 文环境.然而,随着数据库 网络和分布式计算的发展, 组织任务进一步自动化, 与服务相关的信息进一步计算机 化,这促使人们将