Journal: 计算机与数字工程 (Computer & Digital Engineering)

Research on a Distributed Access Control Model for Multiple Trust Domains

     

Abstract

In today's highly dynamic, heterogeneous and distributed information systems, it is necessary to go beyond the limits of a single domain and achieve resource sharing and secure interoperation among multiple trust domains [1]. This paper studies two models of multi-trust-domain authentication and authorization systems: the basic gateway-mode model and the basic distributed model. It then analyzes the basic idea of the IRBAC (Interoperability Role Based Access Control) 2000 model and the problems it has. Its main shortcomings are: 1) role mapping between trust domains violates the separation-of-duty principle; 2) it does not consider how to handle associated roles when a role joins or leaves. To address these shortcomings, the paper proposes the MTD-EIRBAC model. By introducing trust-level computation and granular logic reasoning, the MTD-EIRBAC model achieves dynamic authorization. It effectively resolves both the handling of associated roles when roles change (such as a role joining or leaving) and the role infiltration and implicit promotion problems that arise when a role traverses other domains, so that multiple trust domains can collaborate securely and flexibly.
