Security polices in accounting systems are always related with the active contexts, including times, locations, user trust levels, and the properties of data objects. We analyzed the multiformities of constraints in the access control model and present a context-constraint access control model and security polices. Contexts in the security field of applications can be classified into subject contexts, role contexts, object contexts, environment contexts and history contexts. They have different data types and can be evaluated through context functions. Context constraints can be used to describe the security polices concerned to data objects in complex accounting systems. A conceptual structure extended from the simple access control model is brought forward in order to implement the security management in accounting system.

• 出版日期2008
• 单位北京大学