In order to apply the ideal of separating strategies from mechanism to access control, we proposed a kind of rule engine technology in access control model.The access control strategies were represented by rules.In the engine, attributes were loaded on real-time and rules were executed dynamically by Java reflective technology, which gets better flexibility.Then this paper pro-posed a rule matching algorithm based on the sharing node in multi-rule by researching on the Rete algorithm, which can improve the matching efficiency.%为将策略与机制分离的思想应用到访问控制模型,本文引入规则引擎技术,用规则来表示具体的访问控制策略,利用Java反射机制实现用户属性的实时加载和规则的动态执行,增强了规则引擎的灵活性,且通过对Rete算法的研究,提出基于多规则节点共享的规则匹配算法,提高规则匹配效率。
展开▼