| 基于SOA的属性访问控制模型研究 |
| |
| 引用本文: | 刘君,曹宝香.基于SOA的属性访问控制模型研究[J].通信技术,2011,44(3):143-145. |
| |
| 作者姓名: | 刘君 曹宝香 |
| |
| 作者单位: | 曲阜师范大学计算机科学学院,山东,日照,276826 |
| |
| 摘 要: | 在面向服务的架构的环境下,由于服务的动态性,常见的自主访问控制(DAC)、强制访问控制(MAC)和基于角色的访问控制(RBAC)等传统访问控制机制,已经不能完全满足面向服务的架构(SOA)环境的要求,导致访问控制策略管理非常复杂。为了简化面向服务的架构下的访问控制策略管理,通过采用将基于属性的访问控制(ABAC,Attribute-Based Access Control)方法,可以简化对于面向服务的架构下的异构属性的授权策略。研究发现,ABAC拥有更高的灵活性和更细的访问控制粒度,能够表现语义更丰富的访问控制策略,更适用于SOA环境。
|
| 关 键 词: | 属性访问控制模型 动态 细粒度 |
Attribute Access Control Model based on SOA |
| |
| LIU Jun,CAO Bao-Xiang.Attribute Access Control Model based on SOA[J].Communications Technology,2011,44(3):143-145. |
| |
| Authors: | LIU Jun CAO Bao-Xiang |
| |
| Affiliation: | LIU Jun,CAO Bao-Xiang (School of Computer and Science,Qufu Normal University,Rizhao Shandong 276826,China) |
| |
| Abstract: | In the framework of service-oriented architecture,due to the dynamic service,the traditional discretionary access control(DAC),mandatory access control(MAC) and the role-based access control(RBAC) mechanism could not fully meet the requirements of SOA,and as a result,the access control strategy management becomes very complicated.In order to simplify the access control strategy management in the service-oriented architecture,this paper proposes a new access control model——attribute-based access control model(ABAC).Through this model,the authorization strategy for the heterogeneous attributes in service-oriented architecture could be simplified.This study indicates that ABAC has higher flexibility and finer granularity,and could be used to express the rich semantic access control strategies,so is more applicable to SOA environment. |
| |
| Keywords: | attribute-based access control dynamic fine-grained |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
