以角色為基礎之權限控管系統中情境角色與情境權利關係之研究與實作

在現實生活中，使用者的權限必須與情境有所關係，例如時間、位置或其他等等。我們在本篇以情境角色-RBAC模型來實作具有情境的以角色為主的權限控管。並且由資料庫主動產生觸發，把符合時間情境角色的情境角色啟動，而使用者在登入系統後再依空間情境角色去啟動符合的情境角色。讓時間情境角色去自動被啟動。並且實作出一個系統，來呈現出一般權限與情境權限在不同的情境下，使用者可以擁有哪些權限；並且在情境發生改變時，使用者的情境權限可以跟著作改變。

關鍵字

觸發；以角色為基礎之權限控管；情境

並列摘要

In real world, a user’s permission may be associated with contexts, such as time, location, or others. We use Context Role-RBAC model to implement the concept of context in RBAC. Database will trigger events actively. Database can activate context roles according to the temporal constraints of context roles. The spatial context is dealt after the user logins. The temporal context roles are assigned automatically. A system was implemented to show the normal permission and context permission of a user in different context. While context changes, a user’s context permissions will be updated too.

並列關鍵字

Context ； Role-Based Access Control(RBAC) ； Trigger

參考文獻

[9] 梁遠見著, “多個以角色為基礎的權限控管系統之整合研究與實作 A Study of Integration in Multi-Domain Role-based Access Control Systems”, 中原大學資訊工程所碩士論文, July, 2007.

[10] 葉俊明著, “以角色為主之權限控管系統中階層式情境角色之研究 A Study of Context Role Hierarchy in RBAC”, 中原大學資訊工程所碩士論文, July, 2007.

[4] Frederic Cuppens and Alexandre Miege, “Modelling Contexts in the Or-BAC Model”, In Proceedings of 19th Annual Computer Security Applications Conference, IEEE Computer Society, December 2003, pp. 416-427.

[6] Gustaf Neumann and Mark Strembeck, “An Approach to Engineer and Enforce Context Constraints in an RBAC Environment”, SACMAT’03, June 2-3, 2003, Como, Italy, pp. 65-79.

[12] Jong Hyuk Park and Deok Gyu Lee, “PIS-CC RBAC: Patient Information Service based on CC-RBAC in Next Generation Hospital considering Ubiquitous Intelligent Environment”, 2007 International Conference on Multimedia and Ubiquitous Engineering(MUE'07), April 2007, Seoul, Korea, pp.196-200.

國際替代計量

以角色為基礎之權限控管系統中情境角色與情境權利關係之研究與實作

全文下載

主題瀏覽