【摘要】 针对经典的RBAC96模型及相关模型中角色私有权限处理方法的不足之处,提出了一个改进的角色层次关系模型IHRBAC.该模型通过在角色权限委派关系中引入角色权限继承极限值和最大继承极限值,划分角色权限为私有权限和公有权限,定义私有化继承和公有化继承二种继承方式,形成了一个支持安全管理员宏观控制下的角色权限委派分级管理的改进模型,克服了多数模型集中式管理模式的局限性,并能够灵活地反映复杂的角色层次关系.更多还原

【Abstract】 According to the shortcoming of the classic RBAC96 model and its relative ones,an improved hierarchy role-based access control model IHRBAC is presented.By using the concepts of role-permission inheritance limit and extreme limit in the relation of role-permission assignment,the role permissions are divided into private permissions and public ones,and the concepts of privatizing inheritance and publicizing inheritance are defined.In IHRBAC model,the multi-level management of role-permission assignment can be used under the control of security manager,which can overcome the limitations of central administration mode in most RBAC models,and flexibly describe the more complicated role relationships.更多还原