【摘要】 基于角色的存取控制(RBAC,Role-BasedAccessControl)已经在越来越多的MIS,DBMS,DSS,OS,OA,CAI等软件系统中使用,已成为信息系统领域研究的热点问题之一。传统的RBAC模型对角色(Role)授权管理是静态的。但是现代软件系统要求对角色的管理具有动态性。该文引入角色环境函数和角色约束规则的概念,提出了一种扩展角色存取控制模型(ERBAC,ExpandedRole-BasedAccessControl),扩展了RBAC的动态性,讨论了新的角色关系、授权规则和形式化描述,给出了实现ERBAC的基本框架。更多还原

【Abstract】 RBAC(Role-Based Access Control)has been generally used in morden software systems ,such as MIS,DBMS ,DSS,OS,OA,and it has become one of hot research topics in the area of information.But most of the existing RBAC models are static,and the dynamic management for roles is required by morden software systems.With the notions,role environment function and role constraint rule used,a new model,expanded role -based access control(ERBAC),is proposed,the dynamic characteristic of RBAC in spacial-time is extended,the new relationships among roles,the grant rules and the formal descriptions are defined and discussed.Finally,a basic framework implementing ERBAC model is given.更多还原