| 基于角色的Web Services访问控制系统 |
| |
| 引用本文: | 侯景华,吴宇红.基于角色的Web Services访问控制系统[J].电子科技,2006(4):55-58. |
| |
| 作者姓名: | 侯景华 吴宇红 |
| |
| 作者单位: | 西安电子科技大学,ISN国家重点实验室,陕西,西安,710071 |
| |
| 摘 要: | 首先对Web Services的安全技术和访问控制的研究情况进行简单回顾,介绍XACML(eXtensibleAcces s Control Markup language)中的常用术语,然后介绍了一个Web Services的面向服务的基于角色的访问控制系统和安全结构模型,从服务方面和属性方面加强对服务的访问控制.在该体系结构模型中,使用SOAPProxy加强对Web Services的访问控制.通过设计安全cookies和安全SOAP消息,在Web Services上实现基于角色的访问控制.最后给出此系统有待解决的问题.
|
| 关 键 词: | 基于角色访问控制 属性 |
| 修稿时间: | 2005年8月31日 |
Role-based Access Control System in Web Services |
| |
| Hou Jinghua,Wu Yuhong.Role-based Access Control System in Web Services[J].Electronic Science and Technology,2006(4):55-58. |
| |
| Authors: | Hou Jinghua Wu Yuhong |
| |
| Abstract: | This paper briefly reviews the state of the security technology research and access control in the Web Services, introduces some nomenclatures used in XACML, and presents a service-oriented role-based access control (RBAC) model and security architecture model for Web Services which enforce access control at service level and attribute level. In this architecture model, SOAP Proxy is employed to enforce access control for Web Services. The RBAC is implemented by designing the secure cookies and secure SOAP messages. Finally this paper draws a conclusion and points out the problems in this system which remain to be solved. |
| |
| Keywords: | SOAP Actor Web Services |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
