摘要
现有自顶向下的角色工程忽略企业对敏感任务的要求,产生的角色集安全性低。为提高角色定义的安全性,提出一种满足静态职责分离约束的用户角色分配方法。从静态互斥角色约束集出发,利用贪婪算法产生互斥角色对并将其映射为稀疏图。使用韦尔奇·鲍威尔着色法将相邻顶点染为不同的颜色,生成的着色数近似等于最小用户数。根据角色被染颜色进行角色划分,被划分为同一组的角色只能指派给同一个用户。实验结果表明,该方法执行效率快、安全性高,可有效节省存储空间。
The existing top-down role of the project ignores the requirements of the enterprise for sensitive tasks,resulting in a low set of security.In order to improve the security of role division,a user role assignment method constrained by static separation of duty is proposed.Based on the static mutex exclusive role constraint set,the greedy algorithm is used to generate mutex role pairs and map them to sparse graphs.By using Welch Powell coloring method,adjacent vertices are dyed into different colors,and the number of coloring is approximately equal to the minimum number of users.Roles are divided according to their colors,and roles assigned to the same group can only be assigned to the same user.Experimental results show that this method is efficient,secure and it can save storage space effectively.
作者
王静宇
董景楠
谭跃生
WANG Jingyu;DONG Jingnan;TAN Yuesheng(School of Information Engineering,Inner Mongolia University of Science and Technology,Baotou,Inner Mongolia 014010,China)
出处
《计算机工程》
CAS
CSCD
北大核心
2018年第10期190-195,203,共7页
Computer Engineering
基金
国家自然科学基金(61462069
61662056)
内蒙古自然科学基金(2016MS0608
2016MS0609)
关键词
静态职责分离
静态互斥角色约束
角色划分
最小用户数
着色数
static separation of duty
Static Mutual Exclusive Role(SMER)constraint
role division
minimum number of users
chromatic number
作者简介
王静宇(1976—),男,副教授、博士,主研方向为云计算、数据挖掘;董景楠,硕士;谭跃生,教授。
