| 通用访问控制框架在网格中的应用 |
| |
| 引用本文: | 张润莲,武小年.通用访问控制框架在网格中的应用[J].桂林电子科技大学学报,2007,27(3):204-207. |
| |
| 作者姓名: | 张润莲 武小年 |
| |
| 作者单位: | 桂林电子科技大学,信息与通信学院,广西,桂林,541004 |
| |
| 摘 要: | 通用访问控制框架将访问控制的决策部分和访问控制的实施部分相分离,使访问控制实施与具体策略无关,从而可方便地支持多种不同的安全策略而无须改变访问实施.针对网格环境中多安全策略需求,对通用访问控制框架进行了扩展,提出网格通用访问控制框架.其通过抽象不同安全域系统的安全策略类型,形成安全域安全策略元数据;在用户跨域访问不同安全域时,基于安全策略元数据,系统可方便地决策并调用相关安全策略的实施.系统测试结果表明,该框架能够支持网格环境中多安全策略需求,并有效提高系统效率.
|
| 关 键 词: | GFAC 访问控制 网格安全 |
| 文章编号: | 1673-808X(2007)03-0204-04 |
| 修稿时间: | 2007-02-16 |
Application of generalized framework for access control in grid |
| |
| ZHANG Run-lian,WU Xiao-nian.Application of generalized framework for access control in grid[J].Journal of Guilin Institute of Electronic Technology,2007,27(3):204-207. |
| |
| Authors: | ZHANG Run-lian WU Xiao-nian |
| |
| Affiliation: | School of Information and Communication Engineering, Guilin University of Electronic Technology, Guilin 541004, China |
| |
| Abstract: | Generalized Framework for Access Control(GFAC) explicitly recognizes two parts of access control-adjudication and enforcement.Enforcement is independent of a special security policy.GFAC thus does not need to change its own enforcement when GFAC faces multiple different security policies.This paper proposes a generalized framework for access control in grid(GGFAC) by expanding GFAC,aiming at multiple different security policies in grid.Based on GFAC,GGFAC sets the metadata to abstract and describe what security policies systems are.When grid users want to access resources resided in different secure domains with different security policies,GGFAC can adjudicate easily and call its enforcement according to the metadata.Testing result shows that GGFAC can support multiple security policies in grid and improve system performance. |
| |
| Keywords: | GFAC access control grid security |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
