In current role-based systems, security officers handle assignments of users to roles. However, fully depending on this functionality may increase management efforts in a distributed environment because of the continuous involvement from security officers. The emerging technology of role-based delegation provides a means for implementing RBAC in a distributed environment with empowerment of individual users. The basic idea behind a role-based delegation is that users themselves may delegate role authorities to other users to carry out some functions on behalf of the former. This paper presents a role-based delegation model called RDM2000 (role-based delegation model 2000), which is an extension of RBDM0 by supporting hierarchical roles and multi-step delegation. The paper explores different approaches for delegation and revocation. Also, a rule-based language for specifying and enforcing the policies based on RDM2000 is introduced.
在当前基于角色的系统中,安全员处理用户对角色的分配。但是,由于安全人员的不断参与,完全依赖此功能可能会增加分布式环境中的管理工作。基于角色的委派的新兴技术提供了一种在单个用户授权的分布式环境中实施RBAC的方法。基于角色的委派的基本思想是用户自己可以将角色授权委派给其他用户以代表前者执行某些功能。本文提出了一种称为RDM2000的基于角色的委派模型(基于角色的委派模型2000),它是RBDM0的扩展,它支持分层角色和多步委派。本文探讨了用于委派和吊销的不同方法。此外,还介绍了一种基于规则的语言,用于基于RDM2000指定和执行策略。
机译:分布式数据管理系统中基于角色的访问控制的动态委派框架
机译:WFMS中基于任务角色的访问控制的委托框架
机译:基于内容的图像分类和检索:使用粗糙集框架的基于规则的系统
机译:基于角色的约束委派的基于规则的框架
机译:基于角色的委派模型的框架。
机译:一个简单而精确的基于规则的建模框架用于在二维培养中模拟自分泌/旁分泌刺激L1CAM对胶质母细胞瘤细胞运动和增殖的刺激
机译:基于规则的基于角色的委派和撤销框架
