| 一种灵活的Web服务访问控制解决方案 |
| |
| 引用本文: | 张永梅.一种灵活的Web服务访问控制解决方案[J].现代计算机,2005(10):59-61,72. |
| |
| 作者姓名: | 张永梅 |
| |
| 作者单位: | [1]华南师范大学计算机学院,广州510000 [2]广州大学人事处,广州510405 |
| |
| 摘 要: | 本文首先分析了基于Web服务的企业应用集成框架中跨域的认证和授权存在的问题,接着提出一种基于RBAC的灵活的Web服务访问控制解决方案.在该方案中,可信任的企业信息门户认证远程用户身份,生成和Web服务提供者域中访问控制机制关联的远程角色信息,并结合基于WS-Security数字签名和加密机制,由Web服务提供者和请求者双方的机制实现松散耦合的访问控制.
|
| 关 键 词: | Web服务 访问控制 |
| 收稿时间: | 2005-06-02 |
| 修稿时间: | 2005-06-02 |
A Flexible Access Control Solution for Web Services |
| |
| ZHANG Yong-mei.A Flexible Access Control Solution for Web Services[J].Modem Computer,2005(10):59-61,72. |
| |
| Authors: | ZHANG Yong-mei |
| |
| Affiliation: | ZHANG Yong-mei |
| |
| Abstract: | This paper first analyses the problems of cross security domains authentication and authorization that exist in Web services-based enterprise application integration framework and then propose a RBAC based flexible access control solution. In the solution, reliable Enterprise Information Portal (EIP) authenticates remote users, and produce remote roles information, which associate with access control mechanism in Web services provider domain, combine with digital Signature and Encryption of WS-Security to realize loose coupled access control among Web services providers and requesters. |
| |
| Keywords: | Web Services Access Control |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
