首页 | 本学科首页   官方微博 | 高级检索  
     

基于SAML和XACML的Web服务访问控制模型
引用本文:姜炜超,夏阳,黄潇.基于SAML和XACML的Web服务访问控制模型[J].计算机工程与设计,2005,26(6):1525-1528.
作者姓名:姜炜超  夏阳  黄潇
作者单位:中国矿业大学,计算机科学与技术学院,江苏,徐州,221008
摘    要:Web服务采用了通用的协议和技术,便于用户访问,已成为了分布式计算的研究热点,但这种方便也带来了安全性的隐患。提出了一个基于SAML和XACML的Web服务访问控制模型,利用SAML协议实现单点登录,采用XACML策略描述语言对用户进行访问控制。模型在扩展SAML协议的基础上,把XACML引入Web服务能够更好地对服务端受保护资源进行控制,从而实现Web服务的安全访问控制。

关 键 词:Web服务  SAML  XACML  访问控制  策略  单点登录
文章编号:1000-7024(2005)06-1525-04

Access control model for web services based on SAML and XACML
JIANG Wei-chao,XIA Yang,HUANG Xiao.Access control model for web services based on SAML and XACML[J].Computer Engineering and Design,2005,26(6):1525-1528.
Authors:JIANG Wei-chao  XIA Yang  HUANG Xiao
Abstract:Web services, which adopt general protocol and technology, can be easily accessed by users and have been the research hotspot in distributed computing, but the downside of this easiness is that security is compromised. An access control system for web services is presented based on SAML and XACML, which uses SAML to single sign-on and introduces XACML to control the access of users. Based on SAML, XACML is imported to control the protected resources on web sites, and achieves the security of access control of web services.
Keywords:web services  SAML  XACML  access control  policy  single sign-on
本文献已被 CNKI 维普 万方数据 等数据库收录!
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号