| RBAC在铁路客票网络安全系统中的应用 |
| |
| 引用本文: | 刘培顺,何大可.RBAC在铁路客票网络安全系统中的应用[J].铁道学报,2004,26(3):62-66. |
| |
| 作者姓名: | 刘培顺 何大可 |
| |
| 作者单位: | 西南交通大学,计算机与通信工程学院,四川,成都,610031 |
| |
| 基金项目: | 国家863信息安全主题课题(2002AA145021) |
| |
| 摘 要: | 基于角色访问控制(RBAC)是近几年访问控制领域的研究热点,本文详细描述了基于角色的访问控制模型,探讨了其实现机制,并将之应用于铁路客票安全系统。在已提出的各种模型中,对角色的定义大都没有进行明确分类,往往造成角色权限的冲突,成为安全隐患。本系统根据一般安全系统的具备的特征对角色进行了分类,对各个子类定义了通用的角色约束机制,以避免冲突。客票系统是个复杂的分布式系统,在其访问控制的设计中,按照客票系统的实际情况进行了扩充和修改,从安全性和可用性给出了具体的解决方案。
|
| 关 键 词: | 信息安全 访问控制 基于角色的访问控制 约束 |
| 文章编号: | 1001-8360(2004)03-0062-05 |
| 修稿时间: | 2003年8月22日 |
Application of RBAC in the Railway Passenger Ticket Network Security System |
| |
| LIU Pei-shun,HE Da-ke.Application of RBAC in the Railway Passenger Ticket Network Security System[J].Journal of the China railway Society,2004,26(3):62-66. |
| |
| Authors: | LIU Pei-shun HE Da-ke |
| |
| Abstract: | Role based access control is a hot topic in the research field of access control recently. In this paper the role based access control model and its implementation are discussed, moreover, it is applied to the railway passenger ticket network security system. In various kinds of models that have been proposed, the definitions of most roles are not classified definitely, which causes conflicts between role authorities and gives hidden trouble to security. In this system, the roles are classified according to the properties of general security systems, and the universal role restriction mechanism is defined for every sub-role so as to avoid conflict. The railway passenger ticket network system is a complex distributed system, so the design of its network security access control system should follow relevant criteria, at the same time, it should be extended and modified according to actual conditions. The safe and usable solution is presented finally. |
| |
| Keywords: | information security access control role based access control constraints |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
