访问控制技术 宣讲人:孙婷婷
-
Upload
scarlett-mckay -
Category
Documents
-
view
74 -
download
0
description
Transcript of 访问控制技术 宣讲人:孙婷婷
-
access controlsubjectobject
AEFADF
-
coarse grainedmedium grainedfine grained
-
2070
-
123412JohnOwnRWOwnRWInquiryCreditAliceROwnRWWRInquiryDebitInquiryCredit
BobR
WROwnRWInquiryDebit
-
capability listprofiles listpassword
-
JohnAliceBob
1OwnRW
3OwnRW
1OwnRW
3OwnRW
1OwnRW
3OwnRW
1OwnRW
3OwnRW
1OwnRW
-
access control listACL
-
2314
AliceOwnRW
BobR
JohnOwnRW
AliceOwnRW
AliceR
BobOwnRW
JohnOwnRW
AliceR
BobRW
-
HRUTAMATAM
-
BLPBiba
-
so(s)(o)*-so(s)(o)*-*-
-
TSSCUTSR/WWWWSRR/WWWCRRR/WWURRWR/W
-
BibaBLPBibaso(s) (o)*-so(s)(o)
TSSCUTSR/WRRRSWR/WRRCWWR/WRUWWWR/W
-
RBAC202090NISTRBACDACMAC RBAC
-
RBAC
-
NISTRBACRBACRBAC4RBACRBAC 5usersrolesOBSOPSPRMSRBACsession
-
UsersrolesOPSOBSUAusersrolesAssigned_users:(r:roles)2usersrAssigned_users(r)={u users|(u,r) UA}.PRMS=2(OPS OBS)PAPRMSrolesSessionsUser_sessionsuSession_rolessAvail_session_permss
-
RBACRBACRBAC2001(static separation of duty relations , SSD)/RBAC2001UAUASSD1
-
dynamic separation of duty relations , DSDDSD
rbac*RBACRBAC*RBACRBAC*ABA*SSDrole_set,nn*SSDDSD.DSDrole_set,nn*