基于任务和角色的访问控制模型的研究与应用
摘要
随着计算机与网络通信技术的高速发展,互联网已经将政务、商务、以及人们的日常生活紧密联系在一起。但是,在享受信息高度网络化带来的种种便利之时,我们还必须应对随之而来的威胁信息安全的各种挑战。一个没有安全保障的系统难以提供安全有效的业务支持,人们逐渐认识到,信息安全是系统设计开发的重要因素。针对目前主要的信息安全技术,本文选择了网络安全防范和保护的核心内容——访问控制技术作为研究内容。
作者在分析目前流行的Role Base Access Control(基于角色的访问控制,RBAC)、Task Based Access Control(基于任务的访问控制,TBAC)、Task-Role Based Access Control(基于任务-角色的访问控制,TRBAC)等主流访问控制模型的基础上,比较了各模型的应用特点与局限性。并从形式化描述、约束规则、授权规则以及安全性分析等方面对TRBAC进行了深入的研究和分析。针对浙江省学科竞赛门户网站系统的安全性需求和具体的应用特点——系统中的同一用户的权限随应用的变化而变化,将TRBAC访问控制模型应用到本系统的访问控制机制中。在具体的应用实施中,本文还针对具体的业务需求,从增强系统的灵活性和易维护性角度出发,对TRBAC的具体应用实施做了部分改进——访问权限以及系统资源的模块化管理和基于面向对象的任务分类思想的引入。同时在系统设计阶段,利用统一建模语言——UML对TRBAC访问控制模型进行建模、分析和设计,为访问控制模型在系统中的具体实现提供了参考依据。
最后,本文从TRBAC在系统中的具体应用入手,用面向对象的方法来设计实现该系统,使系统的各个层次相对独立,降低了系统的耦合性。另外,为提高代码的复用性,增强系统的灵活性和可维护性,在系统开发过程中采用了整合Struts、Hibernate和Spring的轻量级J2EE体系架构进行开发设计,使系统的分层更加清晰、程序健壮性进一步得到提高。
With the rapid development of the computer technology and network, the internet has connected the government, business and the people's daily life closely. But, when we enjoy the conveniences of the network, we must copy with the kinds of challenges with the information securities. The networks without security is just like as a castle in the air, the safety is gradually become the first element of the network construction. According to the main information security technologies, this paper chosethe core strategy of the network security and protection--accesscontrol technology as the research content.
The writer study and analyze the current mainstream access control models fatherly, such as TBAC、RBAC and TRBAC, and analyze the characteristics and limitations of their application. Particularly, introduce and analyze the model of TRBAC in detail, including its formal description, constraint rules, authorization rules, and security's analysis and so on. According to the security needs of the project of the portal system of the subject contest of this province and its specificcharacteristics of the business--the same user's access changes withthe business in this system, we use the model of the TRBAC applying in the system. In the specific application, according to the specific business needs and enhancing the flexibility and Maintenance of the system, we make some improvement in the specific application of TRBAC, such as the modular management with the access permission and the system resource, and the classification ideology of the tasks' application based on object-oriented. When the design stage, we use the UML to model、analyze and design the TRBAC model, which provide the References for the specific realization of the system.
Finally, basing on the specific application of TRBAC in this system, we use the Object-oriented method to realize the system, which makes all levels of the system independent relatively and ensures the system of the coupling loose. In addition, in order to improve the reusability of the codes, enhance the flexibility and maintainability of the system, we use the lightweight j2ee architecture for the development ,which is based on the integration of the Struts, Hibernate and Spring. And it makes the levels of the system more clear, and the program more robust.
作者在分析目前流行的Role Base Access Control(基于角色的访问控制,RBAC)、Task Based Access Control(基于任务的访问控制,TBAC)、Task-Role Based Access Control(基于任务-角色的访问控制,TRBAC)等主流访问控制模型的基础上,比较了各模型的应用特点与局限性。并从形式化描述、约束规则、授权规则以及安全性分析等方面对TRBAC进行了深入的研究和分析。针对浙江省学科竞赛门户网站系统的安全性需求和具体的应用特点——系统中的同一用户的权限随应用的变化而变化,将TRBAC访问控制模型应用到本系统的访问控制机制中。在具体的应用实施中,本文还针对具体的业务需求,从增强系统的灵活性和易维护性角度出发,对TRBAC的具体应用实施做了部分改进——访问权限以及系统资源的模块化管理和基于面向对象的任务分类思想的引入。同时在系统设计阶段,利用统一建模语言——UML对TRBAC访问控制模型进行建模、分析和设计,为访问控制模型在系统中的具体实现提供了参考依据。
最后,本文从TRBAC在系统中的具体应用入手,用面向对象的方法来设计实现该系统,使系统的各个层次相对独立,降低了系统的耦合性。另外,为提高代码的复用性,增强系统的灵活性和可维护性,在系统开发过程中采用了整合Struts、Hibernate和Spring的轻量级J2EE体系架构进行开发设计,使系统的分层更加清晰、程序健壮性进一步得到提高。
With the rapid development of the computer technology and network, the internet has connected the government, business and the people's daily life closely. But, when we enjoy the conveniences of the network, we must copy with the kinds of challenges with the information securities. The networks without security is just like as a castle in the air, the safety is gradually become the first element of the network construction. According to the main information security technologies, this paper chosethe core strategy of the network security and protection--accesscontrol technology as the research content.
The writer study and analyze the current mainstream access control models fatherly, such as TBAC、RBAC and TRBAC, and analyze the characteristics and limitations of their application. Particularly, introduce and analyze the model of TRBAC in detail, including its formal description, constraint rules, authorization rules, and security's analysis and so on. According to the security needs of the project of the portal system of the subject contest of this province and its specificcharacteristics of the business--the same user's access changes withthe business in this system, we use the model of the TRBAC applying in the system. In the specific application, according to the specific business needs and enhancing the flexibility and Maintenance of the system, we make some improvement in the specific application of TRBAC, such as the modular management with the access permission and the system resource, and the classification ideology of the tasks' application based on object-oriented. When the design stage, we use the UML to model、analyze and design the TRBAC model, which provide the References for the specific realization of the system.
Finally, basing on the specific application of TRBAC in this system, we use the Object-oriented method to realize the system, which makes all levels of the system independent relatively and ensures the system of the coupling loose. In addition, in order to improve the reusability of the codes, enhance the flexibility and maintainability of the system, we use the lightweight j2ee architecture for the development ,which is based on the integration of the Struts, Hibernate and Spring. And it makes the levels of the system more clear, and the program more robust.
引文
[1]沈海波,洪帆.访问控制模型研究综述,计算机应用.2005第6期.
[2]S.Barker,P.J.Stuckey.Flexible Access Control Policy Specification with Constraint Logic Programming.ACM Transactions on Information and System Security.2003,6(4):501-546.
[3]R.S.Sandhog,P.Samurai.Access Control Principles and Practice.IEEE Communications Magazine.1994,32(9):40-48
[4]张绍莲,茅兵等.访问控制技术的研究和进展.计算机科学.2001,28(7):26-28.
[5]李涛.网络安全概论[M]北京电子工业出版社 2004.
[6]Frail D.D.R.Kuhn.Role-Based Access Control.Proceeding of the NIST-NSA National Computers Security Conference,1992:554-563.
[7]W.E.Burr,"Public Key Infrastructure(PKI) Technical Specifications:Part A-Technical Concept of Operations 1998.9.
[8]Pravir Chandra,Matt Messier,John Viega,《Network Security,with Openssl》,O'Reillly,2002.7
[9]David W Chadwich,"An X.509 Role-based Privilege Management Infrastructure",Business Briefing-Global lnfoSecurity,2002
[10]ITU-T Recommendation X.509,Information Technology-Open system Interconnection-The Directory:Public Key and Attribute Certificate Framework,March 2000.
[11]S.Chokhani,"Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework",RFC 3647,November 2003.
[12]S.Santesson,"Internet X.509 Public Key Infrastructure:Qualified Certificates Profile",RFC 3739,March 2004.
[13]R.S.Sandhu,E.J.Coyne,H.L.Feinstein et al.Role-Based Access Control Models.IEEE Computer.1996,29(2):38-47.
[14]R.S.Sandhu,D.Ferraiolo,R.Kuhn.The NIST Model for Role-Based Access Control:Towards a Unified Standard.Proceedings of the Fifth ACM Workshop on Role-Based Access Control,Berlin,2000:47-63.
[15]D.F.Ferraiolo,R.S.Sandhu,S.Gavrila et al.Proposed NIST Standard for Role-Based Access control.ACM Transactions on Information and System Security.2001,4(3):224-274.
[16]K.Apu,A.M.Jalal,H.C.Roy et al.IRBAC 2000:Secure Interoperability Using Dynamic Role Translation.International Conference on Internet Computing,2000:231-238.
[17]王建平,饶若楠.一种基于角色的访问控制模型.计算机工程.2004,30(14):193-195.
[18]张志勇,普杰信.一种扩张的委托授权模型及其面向对象的建模.计算机应用与软件.2005,22(9):30-32
[19]孙波,赵庆松,孙芳。TRDM—具有时限的基于角色的转授权模型.计算机研究与发展.2004,41(7):1104-1109.
[20]邓集波,洪帆.基于任务的访问控制模型.软件学报.2003,14(1):76-82.
[21]陈风珍,洪帆.基于任务的访问控制(TBAC)模型.小型微型计算机系统.2003,24(3):621-624.
[22]李成错,詹永照,茅兵等.基于角色的CSCW系统的访问控制模型.软件学报.2000,11(7):931-937.
[23]宋善德,刘伟.基于角色-任务的访问控制模型.计算机工程与科学 2005,27(6):4-6.
[24]Amman and R.Sandhu.Implementing Transaction Control Expressions Checking for Absence of Access Rights,Proc.8th Annual Computer Security Application Conference,San Antario,Texas,Dec. 1992.
[25]G.Ahn and R.Sandhu.Towards role-based administration in network information services.Journal of Network and Computer Applications Vol.22,No.3,p.199-213,July 1999.
[26]Thomas RK,Sandhu RS.Task-Based authentication controls(TBAC):a family of models for active and enterprise-oriented authentication management,1997,11-13.
[27]Thomas RK,SandhuRS.Towards a task-based paradigm for flexible and adaptable access control in distributed applications,In:Proceedings of the 1992-1993 ACM SIGSAC New Security Paradigms Workshops,1993:138-142.
[28]邓集波,洪帆.基于任务的访问控制模型.软件学报 2003,14(1).76-82.
[29]Sejong Oh,Seog Park.Task-Role Based Access Control(T-RBAC):An Improved Access Control Model for Enterprise Environment.121-742,Seoul,Korea.
[30]R.K.Thomas,R.S.Sandhu:Task-based Authorization Controls(TBAC):A Family of Models for Active and Enterprise-oriented Authorization Management,Proc.of the IFIP WG11.3 Workshop on Database Security(1997).
[31]Verissimo PE,Neves NF,Correia M P.Intrusion-tolerant architectures:Concepts and design.In R Lemos,C Gacek,A Romanovsky,editors,Architecting Dependable Systems,volume 2677 of Lecture Notes in Computer Science[M].Berlin:Springer-Verlag,2003.
[32]刑光林,洪帆.基于角色和任务的工作流授权模型及约束描述.计算机研究与发展.2005,42(11):1946-1953.
[33]S.Kandala,and R.Sandhu,"Secure Role-Based workflow Modles",Database Seecurity XV:Status and Prospects,Kluwer 2002.
[34]任侠,谭庆平.基于角色和任务的分布式工作流授权控制模型[J].计算机工程,2006,32(5):80-82.
[35]HOU Si-zu,ZHANG Jing-min.Research of TRBAC model and its application in enterprise MIS.Computer Engineering and Design.June 2008.
[36]Sejong Oh,Seog Park.Task-role-based access control model[J].Information System,2003,28(6):533-562.
[37]尹芳.基于任务的工作流安全模型研究与应用.山东大学硕士学位论文.2006.
[38]LONG Tao,HONG Fan,WU Chi,SUN Ling-li Task-and-role-based access-control model for computational grid.Journal of Chongqing University:English Edition.December 2007.
[39]Kandala S,Sandhu R.Secure Role-Based Workflow Models[A].In:Proceedings of the 15th IFIP WG 11.3 Working Conference on Database Security[C].Niagara,Ontario,Canada:[s.n.],2002.45-58.
[40]莫世锋,李勤.运用UML进行软件系统建模[J].乐山师范学院学报,2005,(05).
[41]软件开发方式:UML面向对象分析与设计.(德)Bernd Oestereich著 姜南,周志荣等译.北京-电子工业出版社 2004.
[42]设计模式:可复用面向对象软件的基础.(美)Erich Gamma…(等) 著.北京-机械工业出版社2002.
[43]深入浅出J2EE架构:应用程序设计与部署的原理.印)B V Kumar,(印)S Sangeetha,(印)S V Subrahmanya著.北京-清华大学出版社 2006.
[44]Petri网原理与应用.袁崇义著.北京-电子工业出版社 2005.
[45]张彦歆.结合UML和Petri Net技术的工作流建模的研究.微型电脑应用.2008
[46]喻敏,李忠俊.基于Petri网的信息系统建模分析.2008 中国信息技术与应用学术论坛.2008
[47]张守伟,宋文爱.基于C/S与B/S结合模式的管理信息系统分析.信息通信,2007.
[48]软件架构设计.温昱著.北京-电子工业出版社 2007.
[49]Java编程思想.(美)埃克尔(Bruce Eckel)著.机械工业出版社 2007.
[50]Jian Zhang,Jigui Sun,Niya Li,Chengquan Hu.A conditioned secure access control model on mutil-weighted roles in workflow system,Control and Automation,2005.ICCA'05.International Conference on Colume 2,26-29 June 2005 Page(s):1068-1073 Vol.2.
[51]Song Fu,Cheng-Zhong Xu.Coordinated access control with temporal and spatial constraints on mobile execution in coalition environments.Future Generation Computer Systems,Volume 23,Issue 6,July 2007,Pages 804-815.
[52]董云卫,工作流管理系统的事务建模研究,西北大学博士论文,2004.
[53]YANG Li-qin,WANG Feng-ying.TRBAC rights-refining and access control policy.Journal of Shandong University of Technology(Natural Science Edition),Mar.2007.
[54]金琼峥,杨树堂等.基于T-RBAC的企业权限管理方法.计算机工程,2004,30(19):93-95.
[55]杨勇虎,刘振宇.工作流中TBAC权限控制模型的扩展与UML描述.计算机系统应用.2008.
[2]S.Barker,P.J.Stuckey.Flexible Access Control Policy Specification with Constraint Logic Programming.ACM Transactions on Information and System Security.2003,6(4):501-546.
[3]R.S.Sandhog,P.Samurai.Access Control Principles and Practice.IEEE Communications Magazine.1994,32(9):40-48
[4]张绍莲,茅兵等.访问控制技术的研究和进展.计算机科学.2001,28(7):26-28.
[5]李涛.网络安全概论[M]北京电子工业出版社 2004.
[6]Frail D.D.R.Kuhn.Role-Based Access Control.Proceeding of the NIST-NSA National Computers Security Conference,1992:554-563.
[7]W.E.Burr,"Public Key Infrastructure(PKI) Technical Specifications:Part A-Technical Concept of Operations 1998.9.
[8]Pravir Chandra,Matt Messier,John Viega,《Network Security,with Openssl》,O'Reillly,2002.7
[9]David W Chadwich,"An X.509 Role-based Privilege Management Infrastructure",Business Briefing-Global lnfoSecurity,2002
[10]ITU-T Recommendation X.509,Information Technology-Open system Interconnection-The Directory:Public Key and Attribute Certificate Framework,March 2000.
[11]S.Chokhani,"Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework",RFC 3647,November 2003.
[12]S.Santesson,"Internet X.509 Public Key Infrastructure:Qualified Certificates Profile",RFC 3739,March 2004.
[13]R.S.Sandhu,E.J.Coyne,H.L.Feinstein et al.Role-Based Access Control Models.IEEE Computer.1996,29(2):38-47.
[14]R.S.Sandhu,D.Ferraiolo,R.Kuhn.The NIST Model for Role-Based Access Control:Towards a Unified Standard.Proceedings of the Fifth ACM Workshop on Role-Based Access Control,Berlin,2000:47-63.
[15]D.F.Ferraiolo,R.S.Sandhu,S.Gavrila et al.Proposed NIST Standard for Role-Based Access control.ACM Transactions on Information and System Security.2001,4(3):224-274.
[16]K.Apu,A.M.Jalal,H.C.Roy et al.IRBAC 2000:Secure Interoperability Using Dynamic Role Translation.International Conference on Internet Computing,2000:231-238.
[17]王建平,饶若楠.一种基于角色的访问控制模型.计算机工程.2004,30(14):193-195.
[18]张志勇,普杰信.一种扩张的委托授权模型及其面向对象的建模.计算机应用与软件.2005,22(9):30-32
[19]孙波,赵庆松,孙芳。TRDM—具有时限的基于角色的转授权模型.计算机研究与发展.2004,41(7):1104-1109.
[20]邓集波,洪帆.基于任务的访问控制模型.软件学报.2003,14(1):76-82.
[21]陈风珍,洪帆.基于任务的访问控制(TBAC)模型.小型微型计算机系统.2003,24(3):621-624.
[22]李成错,詹永照,茅兵等.基于角色的CSCW系统的访问控制模型.软件学报.2000,11(7):931-937.
[23]宋善德,刘伟.基于角色-任务的访问控制模型.计算机工程与科学 2005,27(6):4-6.
[24]Amman and R.Sandhu.Implementing Transaction Control Expressions Checking for Absence of Access Rights,Proc.8th Annual Computer Security Application Conference,San Antario,Texas,Dec. 1992.
[25]G.Ahn and R.Sandhu.Towards role-based administration in network information services.Journal of Network and Computer Applications Vol.22,No.3,p.199-213,July 1999.
[26]Thomas RK,Sandhu RS.Task-Based authentication controls(TBAC):a family of models for active and enterprise-oriented authentication management,1997,11-13.
[27]Thomas RK,SandhuRS.Towards a task-based paradigm for flexible and adaptable access control in distributed applications,In:Proceedings of the 1992-1993 ACM SIGSAC New Security Paradigms Workshops,1993:138-142.
[28]邓集波,洪帆.基于任务的访问控制模型.软件学报 2003,14(1).76-82.
[29]Sejong Oh,Seog Park.Task-Role Based Access Control(T-RBAC):An Improved Access Control Model for Enterprise Environment.121-742,Seoul,Korea.
[30]R.K.Thomas,R.S.Sandhu:Task-based Authorization Controls(TBAC):A Family of Models for Active and Enterprise-oriented Authorization Management,Proc.of the IFIP WG11.3 Workshop on Database Security(1997).
[31]Verissimo PE,Neves NF,Correia M P.Intrusion-tolerant architectures:Concepts and design.In R Lemos,C Gacek,A Romanovsky,editors,Architecting Dependable Systems,volume 2677 of Lecture Notes in Computer Science[M].Berlin:Springer-Verlag,2003.
[32]刑光林,洪帆.基于角色和任务的工作流授权模型及约束描述.计算机研究与发展.2005,42(11):1946-1953.
[33]S.Kandala,and R.Sandhu,"Secure Role-Based workflow Modles",Database Seecurity XV:Status and Prospects,Kluwer 2002.
[34]任侠,谭庆平.基于角色和任务的分布式工作流授权控制模型[J].计算机工程,2006,32(5):80-82.
[35]HOU Si-zu,ZHANG Jing-min.Research of TRBAC model and its application in enterprise MIS.Computer Engineering and Design.June 2008.
[36]Sejong Oh,Seog Park.Task-role-based access control model[J].Information System,2003,28(6):533-562.
[37]尹芳.基于任务的工作流安全模型研究与应用.山东大学硕士学位论文.2006.
[38]LONG Tao,HONG Fan,WU Chi,SUN Ling-li Task-and-role-based access-control model for computational grid.Journal of Chongqing University:English Edition.December 2007.
[39]Kandala S,Sandhu R.Secure Role-Based Workflow Models[A].In:Proceedings of the 15th IFIP WG 11.3 Working Conference on Database Security[C].Niagara,Ontario,Canada:[s.n.],2002.45-58.
[40]莫世锋,李勤.运用UML进行软件系统建模[J].乐山师范学院学报,2005,(05).
[41]软件开发方式:UML面向对象分析与设计.(德)Bernd Oestereich著 姜南,周志荣等译.北京-电子工业出版社 2004.
[42]设计模式:可复用面向对象软件的基础.(美)Erich Gamma…(等) 著.北京-机械工业出版社2002.
[43]深入浅出J2EE架构:应用程序设计与部署的原理.印)B V Kumar,(印)S Sangeetha,(印)S V Subrahmanya著.北京-清华大学出版社 2006.
[44]Petri网原理与应用.袁崇义著.北京-电子工业出版社 2005.
[45]张彦歆.结合UML和Petri Net技术的工作流建模的研究.微型电脑应用.2008
[46]喻敏,李忠俊.基于Petri网的信息系统建模分析.2008 中国信息技术与应用学术论坛.2008
[47]张守伟,宋文爱.基于C/S与B/S结合模式的管理信息系统分析.信息通信,2007.
[48]软件架构设计.温昱著.北京-电子工业出版社 2007.
[49]Java编程思想.(美)埃克尔(Bruce Eckel)著.机械工业出版社 2007.
[50]Jian Zhang,Jigui Sun,Niya Li,Chengquan Hu.A conditioned secure access control model on mutil-weighted roles in workflow system,Control and Automation,2005.ICCA'05.International Conference on Colume 2,26-29 June 2005 Page(s):1068-1073 Vol.2.
[51]Song Fu,Cheng-Zhong Xu.Coordinated access control with temporal and spatial constraints on mobile execution in coalition environments.Future Generation Computer Systems,Volume 23,Issue 6,July 2007,Pages 804-815.
[52]董云卫,工作流管理系统的事务建模研究,西北大学博士论文,2004.
[53]YANG Li-qin,WANG Feng-ying.TRBAC rights-refining and access control policy.Journal of Shandong University of Technology(Natural Science Edition),Mar.2007.
[54]金琼峥,杨树堂等.基于T-RBAC的企业权限管理方法.计算机工程,2004,30(19):93-95.
[55]杨勇虎,刘振宇.工作流中TBAC权限控制模型的扩展与UML描述.计算机系统应用.2008.