Journal of Information Security Research ›› 2021, Vol. 7 ›› Issue (2): 184-189.

• Technical Applications •

A Scheme Based on CPK Role Access Control

Chen Yaru

  1. Henan Industry and Trade Vocational College
  • Received: 2021-02-09 Online: 2021-02-05 Published: 2021-02-09
  • Corresponding author: Chen Yaru
  • About the author: Chen Yaru, master's degree, teaching assistant; main research interests are information security and big data. 642200814@qq.com

Abstract: To address the security problems caused by illegitimate users gaining unauthorized access to a company's internal data, an improved model that combines the combined public key (CPK) with role-based access control (RBAC) is proposed. The model preserves the inheritance constraint relationship of the RBAC96 model, removes the complexity of the inheritance relationship in the RBAC97 model, and introduces the concept of user groups. Documents are encrypted with keys: each key represents a different permission, and each key is assigned to the corresponding users. Different keys protect different documents and different users are assigned different keys, so a legitimate user can decrypt only the documents covered by the permissions of their own key, which strengthens the security of the access control model. Test results from an implementation show that the scheme runs normally in the system and verify its feasibility.

Key words: combined public key (CPK), role access, key permissions, access control, unauthorized access