###
DOI:
:2006.17(8):1804-1810

基于角色访问控制管理模型的安全性分析
杨秋伟,洪帆,杨木祥,朱贤
(华中科技大学,计算机学院,湖北,武汉,430074)
Security Analysis on Administrative Model of Role-Based Access Control
YANG Qiu-Wei,HONG Fan,YANG Mu-Xiang,ZHU Xian
()
Abstract
Chart / table
Reference
Similar Articles
Article :Browse 3937   Download 3371
Received:May 19, 2005    Revised:October 10, 2005
> 中文摘要: 在基于角色的访问控制管理模型中,采用安全查询来描述系统安全策略,引入状态变换系统定义基于角色的访问控制管理模型及其安全分析,用图灵机理论和计算复杂性理论进行安全分析.将安全查询分类为必然性安全查询和可能性安全查询,证明了必然性安全查询和与状态无关的可能性安全查询能在多项式时间内被有效解决,给出了满足NP-完全问题的可能性安全查询的条件,而一般的可能性安全查询是不可判定的.
Abstract:Systemic security strategy is described by security query in administrative model of role-based access control (RBAC). According to the definition of state-transition system, security analysis is defined and executed on Turing machine. Security query is classified by necessity and possibility. As a result, necessary security query and possible security query independent of status can be resolved in polynomial time, and the conditions under which possible security query is NP-complete problem are presented, but general possible security query is un-decidable.
文章编号:     中图分类号:    文献标志码:
基金项目:Supported by the National Natural Science Foundation of China under Grant No.60403027 (国家自然科学基金) Supported by the National Natural Science Foundation of China under Grant No.60403027 (国家自然科学基金)
Foundation items:
Reference text:

杨秋伟,洪帆,杨木祥,朱贤.基于角色访问控制管理模型的安全性分析.软件学报,2006,17(8):1804-1810

YANG Qiu-Wei,HONG Fan,YANG Mu-Xiang,ZHU Xian.Security Analysis on Administrative Model of Role-Based Access Control.Journal of Software,2006,17(8):1804-1810