In order to solve the switchover from a content management information system based on role-based access control (RBAC) model to a SOA architecture, the access control part needs to turn into the attribute-based access control (ABAC) model more suitable for distributed architecture. This paper comparatively studies two authorization models of both RBAC model and ABAC model, and analyzes how to turn existing information systems from the RBAC model into ABAC model. The result presented in this paper indicates that the smooth transition from RBAC model to ABAC model can be achieved, rather than demolishing and reconstructing.%为了解决基于角色的访问控制(RBAC)模型开发的内容管理信息系统向SOA架构切换,其中访问控制部分也需要转成更适应于分布式架构的基于属性的访问控制(ABAC)模型。该文对比研究了RBAC模型和ABAC模型两种授权模型,分析如何把已有的信息系统从RBAC模型转化成ABAC模型,为解决分布式环境提供了一种新途径,实现了RBAC模型到ABAC模型的平稳过渡,而不是完全推倒重建。
展开▼
