自主访问控制机制是安全操作系统必不可少的、应用最广泛的安全机制之一。
Discretionary Access Control is one of necessary and most common secure mechanisms in the secure operating system.
介绍了自主访问控制、强制访问控制和基于角色的访问控制三种主流的访问控制策略,并进行了对比分析。
This paper presents three mainstream access control strategies:discretionary access control, mandatory access control and role-based access control, and compares with each other.
第一级是传统的自主访问控制(Discretionary Access Control,DAC)。
The first level is the traditional Discretionary Access Control (DAC).
引入了外部角色、内部角色和基本角色,使得该模型可以同时实现自主访问控制和强制访问控制,而且也方便了管理。
Introduced the outer role, inner role and basic role, the model can not only realize Discretionary Access Control but also the Mandatory Access Control. In addition, it can facilitate the management.
提出了一个安全数据库访问控制模型,包括一个多层关系模型和一个用以增强自主访问控制能力的元素级粒度的授权。
In this paper, we proposed a formal security database system access model including a multilevel relation model and a element-level authorization.
描述了面向对象系统的数据模型,研究了信息流和信息传输,并以此为基础给出了基于自主访问控制策略的分布式对象系统的信息流控制方法。
To keep independent object-oriented system secure from Trojan horse, there exists already a restrictive policy that blends information flow control with discretionary access control.
论文在对自主访问控制、强制访问控制和基于角色的访问控制的访问控制策略及机制分析、研究基础上,选择并实现了基于角色的权限管理系统。
This paper chooses and realizes the privilege system role-based based on the further research between discretionary access control, mandatory access control and role-based access control.
基于访问控制表(ACL)的细粒度自主访问控制机制可以实现针对单个用户或用户组的访问授权,但是在实际使用中可能造成不适当授权或权限撤销不及时的缺陷。
Fine-granularity discretionary access control based on Access Control List (ACL) may grant authority to one user or group, but it may grant unapt authority or remove authority not timely.
论文在自主开发的空间数据库VISTA的基础上针对特定的对象-关系型数据结构,提出了相应的访问控制方法。
This paper describes the access control method for the specific relational-object data structure on the base of the self-developed spatial database, VISTA.
基于保护位的自主型访问控制,很难实现基于单个用户制定全局安全策略。
Finally, discrete access control based on protection bits can't provide global secure policy based on individual user.
基于保护位的自主型访问控制,很难实现基于单个用户制定全局安全策略。
Finally, discrete access control based on protection bits can't provide global secure policy based on individual user.
应用推荐