航天业务场景融合访问控制策略权限体系研究

RESEARCH ON AUTHORITY SYSTEM BASED ON FUSION ACCESS CONTROL POLICY

  • 摘要: 如何借鉴或承载原有各类信息系统安全策略,如何构建符合多层级、多主题权责切分的数据资产安全管控要求的权限体系,是企业的现实需求和迫切需要解决的难题。对融合访问控制策略相关概念进行定义,基于相关定义和企业业务需求构建融合访问控制策略权限体系,并给出统一的形式化表达和融合计算方法,构建对应的验证框架,以航天业务场景为例验证了权限体系的有效性,相关成果对于数字化转型中多层级、多主题、细粒度数据资产权限管控具有参考价值。

     

    Abstract: How to learn from or carry original security policies of various information systems, and how to build an authority system that meets multi-level and multi-subject division of data asset rights and responsibilities are real demands and urgent problems for enterprises. This paper defined concepts related to fusion access control policy, constructed authority system based on relevant definitions and enterprise business demands, gave unified formal expression and fusion calculation method, built corresponding verification framework, and finally verified effectiveness of authority system through aerospace business scenarios. Relevant results have reference value for multi-level, multi-subject and fine-grained data asset authority control in digital transformation.

     

/

返回文章
返回