OASIS is a role-based access control architecture for achieving secure interoperation of services in an open, distributed environment. Services define roles and implement formally specified policy for role activation and service use; users must present the required credentials, in the specified context, in order to activate a role or invoke a service. Roles are activated for the duration of a session only. In addition, a role is deactivated immediately if any of the conditions of the membership rule associated with its activation becomes false.
OASIS does not use role delegation but instead defines the notion of appointment, whereby a user in some role may issue an ctright{} to some other user. The role activation conditions of services may include ctright{}s, prerequisite roles and environmental constraints.
We motivate our approach and formalise OASIS. First, a basic model is presented followed by an extended model which includes parameterisation.
OASIS不使用角色委派,而是定义任命的概念,由此具有某个角色的用户可以向其他用户发出\ actright {}。服务的角色激活条件可能包括\ actright {},先决条件角色和环境约束。
我们激励我们的方法并使OASIS正式化。首先,介绍一个基本模型,然后介绍一个包含参数化的扩展模型。
机译:用于多域移动网络中安全策略的基于角色的正式访问控制模型
机译:用于多域移动网络中安全策略的基于角色的正式访问控制模型
机译:基于角色的多级安全访问控制模型
机译:基于OASIS角色的访问控制模型及其对活动安全性的支持
机译:具有访问控制列表和基于角色的访问控制模型的可扩展访问控制Web服务的规范。
机译:健康信息系统基于角色的访问控制当前的安全趋势和挑战
机译:OasIs基于角色的访问控制模型及其对主动安全的支持
机译:基于角色的访问控制的修订模型
