| 面向服务的角色访问控制技术研究 |
| |
| 引用本文: | 许峰,赖海光,黄皓,谢立.面向服务的角色访问控制技术研究[J].计算机学报,2005,28(4):686-693. |
| |
| 作者姓名: | 许峰 赖海光 黄皓 谢立 |
| |
| 作者单位: | 南京大学计算机科学与技术系,南京,210093;南京大学计算机软件新技术国家重点实验室,南京,210093 |
| |
| 基金项目: | 国家自然科学基金(60473091),国家“八六三”高技术研究发展计划项目基金(2003AA142010)资助. |
| |
| 摘 要: | 面向服务的体系结构具有开发效率高、响应快、费用低等优点.但是由于其结构的松散耦合性和计算的动态性,从而造成其安全管理更为复杂.文章首先回顾了访问控制技术的发展,然后提出了一个面向工作流和服务的基于角色访问控制模型.在这个模型中,通过引入服务和授权迁移的概念,加强了对动态服务架构的描述能力.模型对用户角色权限的控制,是通过实际任务和服务状态进行管理的,这样能够有效地加强访问控制的灵活性和系统的安全性.
|
| 关 键 词: | 面向服务 安全 访问控制 角色 工作流 |
Service -Oriented Role -Based Access Control |
| |
| XU Feng,LAI Hai-Guang,HUANG Hao,XIE Li.Service -Oriented Role -Based Access Control[J].Chinese Journal of Computers,2005,28(4):686-693. |
| |
| Authors: | XU Feng LAI Hai-Guang HUANG Hao XIE Li |
| |
| Abstract: | Service oriented architecture (SOA) is an evolution of client/server architecture. A SOA based system can transparently incorporate services running on different software platforms. It could drive the costs down by achieving automated code generation, reuse, and interoperability. But it will cause the complexity of security management due to its loose couple and dynamic characteristics. The paper first reviews the development of access control technology, and then presents a workflow based and services oriented role based access control (WSRBAC) model. In the model, the authors introduce two notions of services and authorization transfer to describe dynamic service oriented architecture. In WSRBAC model, access control system can make its access control decisions by capturing practical relevant environmental context. It can realize access control with dynamic grant and adapt permissions based on the state of workflows and services. This model can enhance system security and provide flexibility in access control system. |
| |
| Keywords: | service-oriented security access control role workflow |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
