ISCAS OpenIR
一种数据级安全访问控制方案①
Alternative TitleA Solution of Data-Level Security Access Control
唐建; 徐罡; 许舒人
2013
Source计算机系统应用
ISSN1003-3254
Issue9Pages:81-85,74
English Abstract为了更好地保护 Web 应用系统中敏感数据不被非法访问。在传统的基于角色的访问控制模型基础上提出了由用户集合和数据访问权限构成的数据访问策略,并将数据访问策略关联到功能,通过对原有业务 SQL 解析,使用行级访问权限对数据记录进行行级过滤,再根据列级访问权限对数据记录相应属性进行屏蔽处理来进行数据安全访问控制,并设计了数据安全访问控制的框架。最后将该方案应用到新发地农产品供应链管理平台中,验证了该方案的可行性和有效性。 To protect sensitive data in Web applications from unauthorized access, a data access strategy consisting of user set and data access authority is proposed, which is based on traditional role based access control model. The data access strategy is related to function. After parsing the original business SQL, row-level-rules are applied to filter the data records in row level, and column-level-rules are applied to mask the corresponding attributes of the data records. A data security access control framework is designed. Finally, this strategy is implemented in the Agricultural Products Supply Chain Management System of Xinfadi, and the validity and effectiveness of the presented strategy is demonstrated.
Keyword数据访问策略 行级权限 列级权限 Sql解析 Data Access Strategy Row-level-rules Column-level-rules Sql Analysis
Department中国科学院软件研究所 软件工程技术中心,北京,100190
Language中文
Content Type期刊论文
URIhttp://ir.iscas.ac.cn/handle/311060/17005
Collection中国科学院软件研究所
Recommended Citation
GB/T 7714
唐建,徐罡,许舒人. 一种数据级安全访问控制方案①[J]. 计算机系统应用,2013(9):81-85,74.
APA 唐建,徐罡,&许舒人.(2013).一种数据级安全访问控制方案①.计算机系统应用(9),81-85,74.
MLA 唐建,et al."一种数据级安全访问控制方案①".计算机系统应用 .9(2013):81-85,74.
Files in This Item:
There are no files associated with this item.
Related Services
Recommend this item
Bookmark
Usage statistics
Export to Endnote
Google Scholar
Similar articles in Google Scholar
[唐建]'s Articles
[徐罡]'s Articles
[许舒人]'s Articles
Baidu academic
Similar articles in Baidu academic
[唐建]'s Articles
[徐罡]'s Articles
[许舒人]'s Articles
Bing Scholar
Similar articles in Bing Scholar
[唐建]'s Articles
[徐罡]'s Articles
[许舒人]'s Articles
Terms of Use
No data!
Social Bookmark/Share
All comments (0)
No comment.
 

Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.