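Access control and resource authorization are the set of policies governing the relationship between resources and users in a grid system. The design principles of access control and resource authorization are analyzed, and AB4L, a hierarchical access control model for grid users based on a banned list and an allowed list, is proposed. A formal definition of the model is given, an implementation of the resource access control model and authorization based on the Postgres database is described, and the model's performance is analyzed and evaluated in terms of completeness, extensibility, autonomous control and security. The model is applied in the user management module of the VEGA grid operating system, and its policies and methods are secure and efficient.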
Access control and resource authorization are the set of relation policies between resources and users in a grid system. First, the design principles of access control and resource authorization are analyzed; then an access control and resource authorization model based on a banned list and an access list is presented, and a formal definition of the model is given. The implementation of access control and resource authorization based on the Postgres database is described, and a performance analysis and evaluation of the model in terms of its integrity, extensibility, self-control and security is presented. This model is applied to the user management module of the VEGA grid operating system, and its policy and method are safe and highly efficient.