* In 2001, NIST proposed a consensus model for RBAC, and has been adopted as ANSI INCITS 359-2004. The main innovation of the NIST standard is the introduction of the RBAC System and Administrative Functional Specification, which defines the features required for an RBAC system in three categories: ? ? Supporting system functions: provide functions for session management and for making access control decisions ? Review functions: provide the capability to perform query operations on RBAC elements and relations The NIST RBAC model comprises four model components (Figure 4.11): core RBAC, hierarchical RBAC, static separation of duty (SSD) relations, and dynamic separation of duty (DSD) relations. The elements of core RBAC are the same as those of RBAC0 described in the preceding section: users, roles, permissions, and sessions. The NIST model elaborates on the concept of permissions by introducing two subordinate entities: operations and objects. Hierarchical RBAC includes the concept of inheritance described for RBAC1, that greatly simplifies the task of defining permission relationships. SSD and DSD are two components that add constraints to the NIST RBAC model. The constraints are in the form of separation of duty relations, used to enforce conflict of interest policies that organizations may employ to prevent users from exceeding a reasonable level of authority for their positions. See text for more details. * The Dresdner Bank has implemented an RBAC system which is system wide and in which the determination of access rights is compartmentalized into three different administrative units for greater security. Roles within the organization are defined by a combination of official position and job function, and form a role hierarchy in which one role is superior to another if its position is superior and their functions are identical. This makes it possible to economize on access rights definitions. When a user invokes an application, the application grants acces
您可能关注的文档
- 第四单元经济生活讲述介绍.ppt
- 第四章汽车其它工程介绍.ppt
- 第四章汽轮机本体结构介绍.ppt
- 第四章-汽轮机本体结构介绍.ppt
- 第四单元经济生活介绍.ppt
- 第四章汽轮机调节介绍.ppt
- 第四单元统计介绍.ppt
- 第四单元王安石变法(精编)介绍.ppt
- 第四单元物质构成的奥秘复习介绍.ppt
- 第四章汽油供给系介绍.ppt
- 2025年全国演出经纪人员资格认定考试试卷带答案(研优卷).docx
- 2025年全国演出经纪人员资格认定考试试卷完整版.docx
- 2025年全国演出经纪人员资格认定考试试题库及完整答案.docx
- 2025年全国演出经纪人员资格认定考试试卷完美版.docx
- 2025年全国演出经纪人员资格认定考试试卷含答案(实用).docx
- 2025年全国演出经纪人员资格认定考试试卷及答案(各地真题).docx
- 2025年下半年内江市部分事业单位公开考试招聘工作人员(240人)备考题库附答案.docx
- 2025年全国演出经纪人员资格认定考试试卷及答案1套.docx
- 2025年下半年四川成都市郫都区面向社会引进公共类事业单位人员2人备考题库最新.docx
- 2025年下半年内江市部分事业单位公开考试招聘工作人员(240人)备考题库附答案.docx
原创力文档

文档评论(0)