
集成知识系统的权责控制
Privilege control in knowledge-based system integration
集成知识系统由各类知识系统主体组成, 用于整合企业不同研发部门产生的不同领域的知识. 在整合各领域知识过程中, 需要通过权责控制实现主体活动范围的界定与分析, 以维持主体自治与系统管制之间的平衡, 适应领域知识之间复杂多变的依赖关系. 为了满足这一需求, 提出了权责模型, 在假定主体进程与系统进程间存在共同约定的基础上, 构造了功用空间和上下文代数等结构, 又以此为基础构造了权责空间, 并完成了权责运算及权责关系等形式化工作. 权责模型为集成知识系统实现权责控制提供了一个可行而又有效的方案, 通过权责和权责关系可以完成描述主体活动、界定主体自律范围以及分析权责关系冲突等工作.
Unlike traditional system integration, the knowledge systems integration is to integrate knowledge-based systems in enterprise in order to weave different domain knowledge. While weaving domain knowledge, the privilege control is required that the activity's scope of agent should be analyzable and controllable to keep agent's autonomy and system's regulation in a balance. With the assumption of ontological interaction commitment, we introduce the structure and algebraic definition of privilege, and then propose the privilege model for privilege control in knowledge systems integration. The privilege model provides a method to represent the privilege of agent's action, to delimit the promised privilege, and to analyze the conflict of privilege compliance.
集成知识系统 / 权责控制 / 访问控制 / 知识共享 {{custom_keyword}} /
knowledge system integration / privilege control / access control / knowledge sharing {{custom_keyword}} /
[1] Burgess M, Fagernes S. Norms and swarms[C]// Lecture Notes in Computer Science, 2007, 4543: 109-120.
[2] Simon R, Zurko M. Separation of duty in role-based environments[C]// Proceedings of the 10th Computer Security Foundations Workshop, New York: IEEE Press, 1997: 183-194.
[3] Gligor V, Gavrila S, Ferraiolo D. On the formal definition of separation-of-duty policies and their composition[C]// Proceedings of Symposium on Security and Privacy, New York: IEEE Press, 1998: 172-183.
[4] Sandhu R. Role activation hierarchies[C]// Proceedings of the Third ACM Workshop on Role-based Access Control, New York: ACM Press, 1998: 33-40.
[5] Barka E, Sandhu R. Framework for role-based delegation models[C]// Proceedings of the 16th Annual Computer Security Applications Conference, New York: IEEE Press, 2000: 168-176.
[6] 王君, 樊治平, 刘鲁. 一种基于角色的知识管理系统的动态组装模[J]. 系统工程与电子技术, 2004, 26(6): 806-810. Wang J, Fan Z P, Liu L. Dynamic assembled model for the knowledge management system based on role[J]. Systems Engineering and Electronics, 2004, 26(6): 806-810.
[7] 于泠, 陈波,肖军模. 多策略的工作流管理系统访问控制模型[J]. 系统工程理论与实践, 2009, 29(2): 151-158. Yu L, Chen B, Xiao J M. Multi-policy access control model for workflow management system[J]. Systems Engineering — Theory & Practice, 2009, 29(2): 151-158.
[8] Ren X L, Liu L, Lü C G. An object-dependent and context constraints-aware access control approach based on RBAC[C]// Proceedings of IFIP International Federation for Information Processing, 2008, 255: 1507-1514.
[9] Jaeger T, Sailer R, Zhang X L. Resolving constraint conflicts[C]// Proceedings of the 9th ACM Symposium on Access Control Models and Technologies, New York: ACM Press, 2004: 105-114.
[10] Trianni V, Dorigo M. Self-organisation and communication in groups of simulated and physical robots[J]. Biological Cybernetics, 2006, 95(3): 213-231.
[11] Milner R. Communicating and mobile systems: The π-calculus[M]. Cambridge: Cambridge University Press, 1999.
[12] Blyth T S. Lattices and ordered algebraic structures[M]. London: Springer-Verlag, 2005: 111-115.
[13] Nonaka I. A dynamic theory of organizational knowledge creation[J]. Organization Science, 1994, 5(1): 14-37.
[14] Burgess M, Fagernes S. Promise theory — A model of autonomous objects for pervasive computing and swarms[C]// Proceedings of the International Conference on Networking and Services, 2006: 118-124.
国家自然科学基金(90924020, 70971005); 教育部人文社会科学研究规划基金(11YJA630044);教育部博士点基金(200800060005)
/
〈 |
|
〉 |