簡易檢索 / 詳目顯示
| 研究生: |
黃賜瑋 Huang, Tzu-Wei |
|---|---|
| 論文名稱: |
分散式工作-角色為基礎的存取控制 Distributed Task-Role Based Access Control |
| 指導教授: |
徐立群
Shu, Liu-Chyun |
| 學位類別: |
碩士 Master |
| 系所名稱: |
管理學院 - 會計學系 Department of Accountancy |
| 論文出版年: | 2004 |
| 畢業學年度: | 92 |
| 語文別: | 中文 |
| 論文頁數: | 82 |
| 中文關鍵詞: | 隱密式通道 、安全序列化圖形 、工作-角色為基礎的存取控制 、未干涉理論 、安全可信賴基底演算法 |
| 外文關鍵詞: | Covert Channel, Secure Trusted Computing Based Algorithm, Secure Serialization Graph, Task-Role Based Access Control, Non-interference |
| 相關次數: | 點閱:110 下載:2 |
| 分享至: |
| 查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
本研究主要把工作和角色為基礎的存取控制機制運用在分散式的資料庫環境上,它比傳統的RBAC方法多了安全可信賴基底元件,此元件之設計乃根據我們提出的安全性可信賴演算法,可以達到異動的安全性和完整性。為了實證探討,我們將此分散式存取控制機制實際應用在一跨國性的企業案例上。
This research project applies the Task-Role Based Access Control mechanism to a distributed (database) environment. The Task-Role Based Access Control mechanism has a secure trusted computing based component that the traditional RBAC approach falls short of. This secure trusted computing-based component is designed according to secure trusted computing-based algorithm, which ensures the security and integrity of schedule transactions. In order to investigate its practical implications, we will apply the DTRBAC approach to a case study of a multi-national enterprise.
中文部分
1. 王旭正著(民91),系統安全,行政院國科會科學技術資料中心編印。
2. 朱習悅等譯(民91),Ramez Elmasri& Shamkant Navathe著,資料庫系統系理 碁峰&美商艾迪生維斯理第六版。
3. 李昌雄編著(民87),商業自動化與電子商務,智勝出版社。
4. 李正源等譯(民89),Dan Blacharski 著,網路安全在多重環境下-2000年新版,文魁出版社。
5. 施淵仁、黃士殷(民89),具流程管理機制之工作存取權限控制模型之研究,元智大學電機暨資工研究所
6. 張真誠(民91),資通安全概論,國科會科學技術資料中心。
7. 曾守正著(民85),資料庫系統之理論與實務,台北:儒林圖書。
8. 黃亮宇(民81),資訊安全規劃與管理,台北:松崗電腦。
9. 葉誌崇等著(民89),會計資訊系統 台南:葉誌崇。
10.游其易著(民86),實用資料庫管理系統指引,台北:松崗電腦。
11.樊國楨著(民86),電子商務高階安全防護-公開金鑰密碼資訊系統安全原理,資訊工業策進會編,資訊與電腦出版社。
12.駱詩軒等(民88)譯,Abraham Silberschatz& Peter Baer Galvin著,作業系統概念,東華書局。
13.教育部電子計算中心發行(民80),資訊安全與管理資訊教育叢書(三),資訊與教育雜誌社編印
14.行政院主計處電子處理資料中心(民91),資訊安全手冊第三版
外文部分
1.Alexander Brodsky & Csilla Fakas & Sushil Jajodia & Senior Member (2000),”Secure Databases: Constraints, Inference Channel, and Monitoring Disclosures”, IEEE Transactions on Knowledge and Data Engineering.
2.Andreas Schaad & Jonathan & Moffett & Jeremy Jacob(2001),
“The Role-Based Access Control System of a European Bank: A Case Study and Discussion”,ACM
3. Brajendra Panda(1997), “An Alternative Approach to Serialization of Multilevel Secure Transactions”,ACM
4.D.E. Bell& L.J.Lapadula(1976),”Secure Computer Systems:Unified Exposition and Multics Interpretation”,The Mitre corp.
5.D.J. Bowersox & D.J.Closs(1996),”Logistical Management:The InTegrated Supply Chain Process”,McGRAW-HILL CO.
6.David F.Ferraiolo & Ravi Sandhu & Serban Gavrila(2001),
“Proposed NIST Standard for Role-Based Access Control”,ACM
7.David F.Ferraiolo(2001),”An Argument for the Role-Based Access Control Model”,ACM
8.Dorothy Elizabeth Robling Denning(1983),”Cryptography and Data security”,ADDISON-WESLEY PUBLISHING COMPANY
9.Dorothy E. Denning & Teresa F.Lunt(1987),”The Sea View Security Model”,ACM
10.Jajodia & McCollum(1993),”Using two-phase commit for crash recovery in federated multilevel secure database management systems”.
11.James B D.Joshi & Elisa Bertino & Arif Ghafoor(2002),”Temporal Hierarchies and Inheritance Semantics for GTRBAC”, ACM
12.James B D. Joshi & Elisa Bertino & Basit. Shafiq & Arif Ghafoor(2003),”Dependencies and Separation of Duty Constraints in GTRBAC”, ACM
13.Jonathan D.Moffett & Emill C.Lupu(1999),”The Uses of Role Hierarchies in Access Control”,ACM
14.Louanna Notargiacomo,”Architectures for MLS Database Management Systems”,Information Security Essay 19.p439-459
15.Mikel L.Matthews(2001),”Position Paper”,ACM
16.Myong H. Kang & Joon S. Park & judith N.Froscher(2001), “Access Control Mechanisms for inter-Organizational Workflow”,ACM
17.Rasikan. David & Sang H. Son(1993),”A secure Two Phase Locking Protocol”,IEEE
18.Ravi Sandhu(1996),”Issue in RBAC”, ACM RBAC Workshop. MD. USA
19.R. K. Thomas & R. S. Sandhu(1997),
“Task-based Authorization Controls(TBAC): A Family of Models for Active and Enterprise-oriented Authorization Management”,Proceedings of the IFIP WG11.3 Workshop on Database Security.
20.Sang H.Son & Rasikan David(1994),”Desing and Analysis of Secure Two Phase Locking Protocol”,IEEE
21.Sang H. Son & Ravi Mukkamala & Rasikan David (2000),”Intergrating Security and Real-Time Requirements Using Covert Channel Capacity”, IEEE Transactions on Knowledge and Data Engineering.
22.Sang H.Son & Kyoung-Don Kang & John A. Stankovic,
“STAR:Secure Real-Time Transaction Processing with Timeliness guarantees“
23.Sejong Oh* & Seog Park(2003),”Task-role-based access control model”, Information System Journal
24.T.F.Keefe & W.T. Tsai & J.Srivastava(1990),”Multilevel Secure Database Concruuency Control” ,IEEE
25.W. Wilkinson & J.Cerullo(2000),”Accounting Information Systems Essential Concepts and Applications(Foruth edition) “,VASANT RAVAL
26.Xinwen Zhang & Sejong Oh & Ravi Sandhu(2003),”PBDM: A Flexible Delegation Model in RBAC”, ACM
校內:立即公開校外:2004-07-07公開