| Web服务中基于XACML和SAML的访问控制模型 |
| |
| 引用本文: | 魏伟.Web服务中基于XACML和SAML的访问控制模型[J].电脑编程技巧与维护,2010(20):94-95,156. |
| |
| 作者姓名: | 魏伟 |
| |
| 作者单位: | 江苏海事职业技术学院,南京,211170 |
| |
| 摘 要: | Web服务为传统的安全模型带来了许多新的安全隐患,为了解决Web服务中存在的安全性问题,通过分析XACML、SAML以及RBAC等相关技术,提出了一种基于XACML和SAML的RBAC模型。该模型采用XACML对用户进行访问控制,利用角色管理用户授权,使用RBAC分离用户和权限,提高了权限管理的灵活性;通过SAML协议使不同角色的用户实现单点登录,整个架构基于XML技术,保证了模型的灵活性以及扩展性。
|
| 关 键 词: | Web服务 可扩展访问控制标记语言 安全声明标记语言 基于角色的访问控制技术 单点登录 |
Access Control Model Based on XACML and SAML in Web Services |
| |
| WEI Wei.Access Control Model Based on XACML and SAML in Web Services[J].Computer Programming Skills & Maintenance,2010(20):94-95,156. |
| |
| Authors: | WEI Wei |
| |
| Affiliation: | WEI Wei (Jiangsu Maritime vocational & Technical Institute , Nanjing 211170) |
| |
| Abstract: | Web Services brings lots of new security challenges for the traditional security model , in order to solve the security problem of Web services, we propose the RBAC model based on XACML and SAML,which through analyzing the XACML、SAML and RBAC, this model adopts XACML to control and interview the users, applies role to manage the authorization, uses RBAC to separate the users and authority, improves the flexibility of the authority management. Let the users which are different roles single sign -on successfully through SAML, the whole frame based on XML ensure the flexibility and expansibility of the model. |
| |
| Keywords: | Web Services XACML SAML RBAC single sign-on |
| 本文献已被 维普 万方数据 等数据库收录! |
|
