完整後設資料紀錄
DC 欄位語言
dc.contributor.author吳美玉en_US
dc.contributor.authorMei-Yu Wuen_US
dc.contributor.author劉敦仁en_US
dc.contributor.author黃景彰en_US
dc.contributor.authorDuen-Ren Liuen_US
dc.contributor.authorJing-Jang Hwangen_US
dc.date.accessioned2014-12-12T02:20:32Z-
dc.date.available2014-12-12T02:20:32Z-
dc.date.issued1998en_US
dc.identifier.urihttp://140.113.39.130/cdrfb3/record/nctu/#NT870396002en_US
dc.identifier.urihttp://hdl.handle.net/11536/64227-
dc.description.abstract以「角色為基礎的存取控制」主要是依據權責衝突的角色,來建立授權準則以達到權責區分之目的;然而為因應企業環境之改變,企業之運作需提供有效的工作管理與工作為基礎的存取控制,因此若僅以角色為基礎的機制,並無法有效的管理企業之工作。近來雖已有以角色與工作為基礎的存取控制之研究,但並未探討權責區分準則或是僅為原來以角色為基礎的存取控制之簡單延伸,並未從工作之間不同的權責關係考量權責區分之授權準則。 本研究提出新的分析觀點,從企業制訂規劃工作的角度,分析與定義不同的工作權責衝突關係,包括制衡、督導查核與非獨攬性等,並依據所定義的工作權責衝突關係來探討使用者、角色與工作之授權及指派,進而設計授權準則以達到在角色與工作為基礎的存取控制模式中之權責區分。本研究不僅定義新的工作權責關係,更推導出符合工作權責關係之新的授權準則,包括督導查核、相依執行及協調合作等權責區分準則。zh_TW
dc.description.abstractMutual-exclusive roles are the basis for designing authorization rules to achieve separation of duty in role-based access control (RBAC) models. However, in order to adapt to the changing business environments, enterprises need to operate with effective task management as well as task-based access control. Current RBAC models are not adequate to provide effective management of tasks within enterprises. Although some works have been done in the context of role and task-based access control, very few works have designed authorization rules on separation of duty in this context. The designed authorization rules are merely simple extensions from the authorization rules of RBAC models. Moreover, different duty-relationships among tasks are not considered. This work presents a novel view to analyze different duty-relationships among tasks from the aspect of how enterprises design and plan tasks. Several kinds of duty-conflict tasks are defined to represent various duty-relationships such as balancing, supervising and non-arbitrary relationships among tasks. On the basis of the defined duty-conflict tasks, authorization rules for assigning tasks to roles and users are designed to achieve separation of duty. The proposed work not only defines new duty-conflict tasks but also deduces new authorization rules to achieve variations of separation of duty including supervision-based, work-dependent and coordination-based separation of duty, etc.en_US
dc.language.isozh_TWen_US
dc.subject權責區分zh_TW
dc.subject以角色為基礎的存取控制zh_TW
dc.subject以工作為基礎的存取控制zh_TW
dc.subject工作權責衝突zh_TW
dc.subjectSeparation of Dutyen_US
dc.subjectRole-Based Access Control, RBACen_US
dc.subjectTask-Based Access Controlen_US
dc.subjectduty-conflict tasksen_US
dc.title設計授權準則以達到在工作為基礎的存取控制模式中之權責區分zh_TW
dc.titleDesigning Authorization Rules to Achieve Separation of Duty in Task-based Access Control Modelsen_US
dc.typeThesisen_US
dc.contributor.department資訊管理研究所zh_TW
顯示於類別:畢業論文