首页>
外国专利>
Method and system of access control based on a constraint controlling role assumption
Method and system of access control based on a constraint controlling role assumption
展开▼
机译:基于约束控制角色假设的访问控制方法和系统
展开▼
页面导航
摘要
著录项
相似文献
摘要
In an RBAC system, a capability is defined as including an operation and an object on which the operation is to be performed. The capability is assigned to a role, which is in turn assigned to a user. Whether a user's request to perform an operation on an object should be authorized is determined based on whether a capability to perform the operation on the object is assigned to a role which is in turn assigned to the user. Further, the authorization is determined based on the evaluation of the constraint(s) attached to the role. If the evaluation result of the constraint(s) disallows the user to assume the role, the user is prohibited from performing the operation on the object even the user has such capability.
展开▼