資源描述:
《group hierarchies with decentralized user assignment in windows ntnew》由會(huì)員上傳分享��,免費(fèi)在線閱讀�����,更多相關(guān)內(nèi)容在教育資源-天天文庫(kù)��。
1�、GROUPHIERARCHIESWITHDECENTRALIZED�USERASSIGNMENTINWINDOWSNTRAVISANDHUandGAIL-JOONAHNGeorgeMasonUniversityAbstractitlydisplayedwiththeUserManagerprogram.Win-dowsNTnotablylacksafacilityforincludingonegroup1ThenotionofgroupsinWindowsNTismuchlikethatinanother.Inpractice,itisofte
2、ndesirablethatinotheroperatingsystems.Ratherthansetuserandgroupsbearsomerelationshiptoeachother.Byal-�lerightsindividuallyforeachandeveryuser,thead-lowingmembershipinagrouptoautomaticallyim-ministratorcangiverightstovariousgroups,thenplaceplymembershipinsomeothergroupswecanr
3��、educeuserswithinthosegroups.InthispaperwedescribeanthenumberofexplicitaccessdecisionsthatneedtobeexperimenttoextendtheWindowsNTgroupmecha-madebyusersandadministrators.Manycommercialnismintwosigni�cantwaysthatareusefulinmanagingdatabasemanagementsystems,suchasInformix,Ora-gro
4���、up-basedaccesscontrolinlarge-scalesystems.ThecleandSybase,providefacilitiesforhierarchicalgroupsgoalofourexperimentistodemonstratehowgrouphi-(orroles).Commercialoperatingsystems,however,erarchies(wheregroupsincludeothergroups)andde-providelimitedfacilitiesatbestforthispurpos
5����、e.centralizeduser-groupassignment(whereadministra-AnotherlimitationofWindowsNTgroupsisthattorsareselectivelydelegatedauthoritytoassigncer-membershipisexclusivelycontrolledbybuilt-inadmin-tainuserstocertaingroups)canbeimplementedbyistratorgroupssuchasAccountOperators,Administ
6�����、ra-meansofMicrosoftremoteprocedurecall(RPC)pro-tors,andDomainAdmins[4].Thisisacentralizedgrams.Inbothrespectstheexperimentalgoalistomodelwhichdoesnotscalegracefullytosystemswithimplementpreviouslypublishedmodels(RBAC96forlargenumbersofgroupsandusers.Moregenerally,itgrouphier
7����、archiesandURA97fordecentralizeduser-ispossibletodecentralizeuser-groupassignmentbyal-groupassignment).OurresultsindicatethatWindowslowingadministratorstoselectivelydelegateauthorityNThasadequate
exibilitytoaccommodatesophisti-toassigncertainuserstocertaingroups.catedaccessco
8、ntrolmodelstosomeextent.InthispaperwedescribeanexperimenttoextendtheWindows
