AURA(Automatic User Role Assignment)能够大幅降低RBAC的管理开销.基于属性规则的访问控制机制能提供细粒度的访问控制.本文详细介绍基于XACML的AURA扩展、AURA中的XACML的策略语言模型、基于XACML的AURA的应用实例、基于XACML的AURA中存在的问题以及基于XACML的参考实现.%AURA (Automatic User Role Assignment) can reduce the cost of administration dramatically. An attribute-based and rule-based access control mechanism can provide a thin-grain access control. The article introduces the extension, the policy language model, the application instance, the problem and the reference implementation of the XACML-based AURA in detail.
展开▼