中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 软件所图书馆  > 期刊论文
Title:
一种数据级安全访问控制方案①
Alternative Title: A Solution of Data-Level Security Access Control
Author: 唐建 ; 徐罡 ; 许舒人
Keyword: 数据访问策略 ; 行级权限 ; 列级权限 ; SQL解析 ; data access strategy ; row-level-rules ; column-level-rules ; SQL analysis
Source: 计算机系统应用
Issued Date: 2013
Issue: 9, Pages:81-85,74
Department: 中国科学院软件研究所 软件工程技术中心,北京,100190
Abstract: 为了更好地保护 Web 应用系统中敏感数据不被非法访问。在传统的基于角色的访问控制模型基础上提出了由用户集合和数据访问权限构成的数据访问策略,并将数据访问策略关联到功能,通过对原有业务 SQL 解析,使用行级访问权限对数据记录进行行级过滤,再根据列级访问权限对数据记录相应属性进行屏蔽处理来进行数据安全访问控制,并设计了数据安全访问控制的框架。最后将该方案应用到新发地农产品供应链管理平台中,验证了该方案的可行性和有效性。 To protect sensitive data in Web applications from unauthorized access, a data access strategy consisting of user set and data access authority is proposed, which is based on traditional role based access control model. The data access strategy is related to function. After parsing the original business SQL, row-level-rules are applied to filter the data records in row level, and column-level-rules are applied to mask the corresponding attributes of the data records. A data security access control framework is designed. Finally, this strategy is implemented in the Agricultural Products Supply Chain Management System of Xinfadi, and the validity and effectiveness of the presented strategy is demonstrated.
Language: 中文
Content Type: 期刊论文
URI: http://ir.iscas.ac.cn/handle/311060/17005
Appears in Collections:软件所图书馆_期刊论文

Files in This Item:

There are no files associated with this item.


Recommended Citation:
唐建,徐罡,许舒人. 一种数据级安全访问控制方案①[J]. 计算机系统应用,2013-01-01(9):81-85,74.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[唐建]'s Articles
[徐罡]'s Articles
[许舒人]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[唐建]‘s Articles
[徐罡]‘s Articles
[许舒人]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2020  中国科学院软件研究所 - Feedback
Powered by CSpace