Journal of Software:2003.14(1):76-82

Task-Based Access Control Model
Chart / table
Similar Articles
Article :Browse 6912   Download 8673
Received:June 22, 2001    Revised:September 18, 2001
> 中文摘要: 目前的访问控制模型都是从系统的角度出发去保护资源,在进行权限的控制时没有考虑执行的上下文环境.然而,随着数据库、网络和分布式计算的发展,组织任务进一步自动化,与服务相关的信息进一步计算机化,这促使人们将安全问题方面的注意力从独立的计算机系统中静态的主体和客体保护,转移到随着任务的执行而进行动态授权的保护上.介绍了一种称为基于任务的访问控制TBAC(task-based access control)的访问控制机制.它从工作流中的任务角度建模,可以依据任务和任务状态的不同,对权限进行动态管理.TBAC非常适合分布式计算和多点访问控制的信息处理控制以及在工作流、分布式处理和事务管理系统中的决策制定.介绍了TBAC的基本概念,对其模型进行了形式化描述和分析.可以预见,TBAC将在办公及商业等多种领域中得到广泛的应用.
Abstract:Nowadays, all access control models take a system-centric view of protecting resources, and they don’t take the context into account when controlling the permissions. However, with the development of databases, networking, and distributed computing, it causes people to shift the focus on security issues from the protection of individual objects and subjects in isolated computer systems, to the protection of dynamically authorization with different task. In this paper, an access control mechanism called TBAC (task-based access control) is introduced, which models from the tasks in workflow and dynamically manage the permissions through tasks and tasks’ status. The TBAC is well suited for distributed computing, information processing activities with multiple points of access, and decision making in workflow and distributed process and transaction management system. The basic concepts of TBAC are introduced and a formalization description and an analysis are given. It is clear that TBAC will be used widely in many fields, such as OA, business, and so on.
文章编号:     中图分类号:    文献标志码:
基金项目:(Supported by the National High Technology Development 863 Program of China under Grant No.863-301-1-3 (国家863高科技发展计划) (Supported by the National High Technology Development 863 Program of China under Grant No.863-301-1-3 (国家863高科技发展计划)
Foundation items:
Reference text:


DENG Ji-Bo,HONG Fan.Task-Based Access Control Model.Journal of Software,2003,14(1):76-82