| 一种含工作流Web信息系统的访问控制模型设计实现 |
| |
| 引用本文: | 王江,李中学.一种含工作流Web信息系统的访问控制模型设计实现[J].后勤工程学院学报,2006,22(3):49-52,56. |
| |
| 作者姓名: | 王江 李中学 |
| |
| 作者单位: | 后勤工程学院,后勤信息工程系,重庆,400016 |
| |
| 摘 要: | 包含工作流的Web信息系统是目前较为流行的一种系统应用模式。针对现有TRBAC模型在此类系统应用中存在的控制数据冗余、效率低下等不足改进提出了一种新的访问控制模型,该模型将RBAC与TRBAC进行结合,并按操作级别对角色与权限进行划分,通过引入流程历史信息等约束条件实现动态授权中操作权限与执行上下文的紧密关联,较好地实现了动、静态授权的分离,在保证系统安全的同时降低了访问控制策略的复杂度,为此类系统访问控制策略的制定提供了一个基本的参考性框架。最后以基于Web的办公自动化系统为例描述了模型在应用中的实现方案。
|
| 关 键 词: | Web信息系统 工作流 访问控制模型 动态授权 |
| 文章编号: | 1672-7843(2006)03-0049-04 |
| 修稿时间: | 2006年4月20日 |
Design and Implementation of Access Control Model in Web Information System with Workflow |
| |
| WANG Jiang,LI Zhongxue.Design and Implementation of Access Control Model in Web Information System with Workflow[J].Journal of Logistical Engineering University,2006,22(3):49-52,56. |
| |
| Authors: | WANG Jiang LI Zhongxue |
| |
| Abstract: | Web Information System with workflow is a prevalent mode of system application. In allusion to the deficiencies of applying TRBAC model in such a kind of system which includes redundancy control data and low efficiency,this article puts forward an improved access control model. The model integrates RBAC and TRBAC, partitioning roles and permissions by the level of operation. In the dynamic authorization, operating permissions and function contexts are related by constraints with history information. By applying this model, the static authorization and the dynamic authorization are separated effectively, the complexity of access control strategy is lowered when the security is ensured, and a reference frame is provided. In the end, an implementation of the model in Web OA is described as an example. |
| |
| Keywords: | Web Information System workflow access control model dynamic authorization |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
