第四讲访问控制介绍.ppt

* In 2001, NIST proposed a consensus model for RBAC, and has been adopted as ANSI INCITS 359-2004. The main innovation of the NIST standard is the introduction of the RBAC System and Administrative Functional Specification, which defines the features required for an RBAC system in three categories: ? ? Supporting system functions: provide functions for session management and for making access control decisions ? Review functions: provide the capability to perform query operations on RBAC elements and relations The NIST RBAC model comprises four model components (Figure 4.11): core RBAC, hierarchical RBAC, static separation of duty (SSD) relations, and dynamic separation of duty (DSD) relations. The elements of core RBAC are the same as those of RBAC0 described in the preceding section: users, roles, permissions, and sessions. The NIST model elaborates on the concept of permissions by introducing two subordinate entities: operations and objects. Hierarchical RBAC includes the concept of inheritance described for RBAC1, that greatly simplifies the task of defining permission relationships. SSD and DSD are two components that add constraints to the NIST RBAC model. The constraints are in the form of separation of duty relations, used to enforce conflict of interest policies that organizations may employ to prevent users from exceeding a reasonable level of authority for their positions. See text for more details. * The Dresdner Bank has implemented an RBAC system which is system wide and in which the determination of access rights is compartmentalized into three different administrative units for greater security. Roles within the organization are defined by a combination of official position and job function, and form a role hierarchy in which one role is superior to another if its position is superior and their functions are identical. This makes it possible to economize on access rights definitions. When a user invokes an application, the application grants acces