一种灵活的基于权限划分的授权代理模型

J4 ›› 2010, Vol. 48 ›› Issue (05): 799-804.

一种灵活的基于权限划分的授权代理模型

马皓, 刘淑芬, 姚志林, 方勇

吉林大学计算机科学与技术学院, 长春 130012

收稿日期:2009-10-19 出版日期:2010-09-26 发布日期:2010-09-21
通讯作者: 刘淑芬 E-mail:liusf@jlu.edu.cn

A Flexible Delegation Model Based on Permissions Division

MA Hao, LIU Shufen, YAO Zhilin, FANG Yong

College of Computer Science and Technology, Jilin University, Changchun 130012, China

Received:2009-10-19 Online:2010-09-26 Published:2010-09-21
Contact: LIU Shufen E-mail:liusf@jlu.edu.cn

摘要/Abstract

摘要：

针对传统授权代理模型灵活性较低、结构复杂等问题, 在基于权限代理模型的基础上, 提出一种改进的授权代理模型〖CD2〗灵活的基于权限划分的授权代理模型. 该模型使用划分权限方法代替划分角色, 将所有权限划分为3个集合：可代理权限集、半可代理权限集和不可代理权限集, 实现了特定权限代理并简化了模型结构. 实验结果表明, 该模型在保证系统安全性的同时, 使授权代理的实现和管理更简单、灵活.

关键词: 权限划分, 授权代理；角色

Abstract:

In view of the problem of low flexibility and complex structure of traditional delegation models, this paper introduces an improved delegation model named flexible delegation model based on permissions division, which is built on permissionbased delegation model. Instead of dividing roles, the permissions are divided into three sets in this model, which include delegable
permission, semidelegable permission and undelegable permission. It realizes special permissions delegation and simplifies the structure of the model. The results show that this model makes the realization and management of the delegation more easy and flexible, at the same time it ensures the security of the system.

Key words: permissions division, delegation, role

中图分类号:

TP309

马皓, 刘淑芬, 姚志林, 方勇. 一种灵活的基于权限划分的授权代理模型[J]. J4, 2010, 48(05): 799-804.

MA Hao, LIU Chu-Fen, TAO Zhi-Lin, FANG Yong. A Flexible Delegation Model Based on Permissions Division[J]. J4, 2010, 48(05): 799-804.