Journal of Frontiers of Computer Science and Technology ›› 2017, Vol. 11 ›› Issue (12): 1931-1940.DOI: 10.3778/j.issn.1673-9418.1609027

Previous Articles     Next Articles

Research on Role Engineering of Legacy System

LI Han1,2+, ZHENG Shang3, CHEN Feng4   

  1. 1. College of Computer Science, North China University of Technology, Beijing 100144, China
    2. Beijing Key Laboratory on Integration and Analysis of Large-Scale Stream Data, Beijing 100144, China
    3. School of Computer Science and Engineering, Jiangsu University of Science and Technology, Zhenjiang, Jiangsu 212003, China
    4. School of Computer Science and Informatics, De Montfort University, Leicester LE1 9BH, UK
  • Online:2017-12-01 Published:2017-12-07

遗留系统的角色工程方法研究

李  寒1,2+,郑  尚3,陈  峰4   

  1. 1. 北方工业大学 计算机学院,北京 100144
    2. 大规模流数据集成与分析技术北京市重点实验室,北京 100144
    3. 江苏科技大学 计算机科学与工程学院,江苏 镇江 212003
    4. 德蒙特福德大学 计算机与信息工程学院,英国 莱斯特 LE1 9BH

Abstract: To solve the problem of lack of consideration of remaining the external behavior of legacy system and making legacy access control policies easy to be evolved, this paper proposes a role engineering approach for legacy system based on FermaT transformation theory and set theory. The approach defines a set of transformation rules for access control policies, analyzes the management cost of transformation rules, gives the design criteria of role engineering of legacy system, and presents a transformation method based on the design criteria. A case study demonstrates that the proposed approach is feasible. Compared with other primary role mining approaches, the constructed roles are ease to be evolved. The role hierarchy is complete and irredundant. The approach is with the lowest cost in the condition of constructing necessary roles.

Key words: legacy system, role engineering, access control policy, transformation rules, role hierarchy

摘要: 针对角色工程方法欠缺关注遗留系统的外部行为不变性和易演化性的问题,基于FermaT转换理论和集合理论,提出一种遗留系统的角色工程方法。该方法给出访问控制策略的转换规则,分析转换规则的管理成本,讨论遗留系统角色工程的设计准则,并给出符合设计准则的角色工程方法。案例分析表明,该方法能够在生成角色的同时构造角色层次,与主要的角色挖掘方法相比,角色的粒度更加细化,角色层次完整且不冗余,在产生必要角色的前提下管理开销最低。

关键词: 遗留系统, 角色工程, 访问控制策略, 转换规则, 角色层次