ACL在校园网管理中的作用

本文就ACL的基本原理进行了分析,并结合校园网的具体特点,介绍了ACL在校园网管理中的作用,并给出了一些简单的配置实例。     

利用MLS实现行业信息系统的安全

简单介绍了MLS的概念,说明了行业信息系统的特点以及安全威胁。提出了可能的解决办法,利用MLS原理结合VLAN、ACL和RBAC技术,配合恰当的人员管理,达到实现行业信息系统的安全目的。     

LDAP技术的应用

介绍了LDAP目录服务技术的简单应用,它是许多新型技术实现信息存储、管理和查询的首选方案。在安全上,LDAP Security是基于ACL的,它通过给一个用户组分配LDAP操作资源来最终完成权限的控制。     

LDAP技术的应用

介绍了LDAP目录服务技术的简单应用,它是许多新型技术实现信息存储、管理和查询的首选方案。在安全上．LDAP Security是基于ACL的,它通过给一个用户组分配LDAP操作资源来最终完成权限的控制。     

ACL技术配置应用

本文介绍了ACL(AccessControlList)在QOS(QualityOfService)中的技术配置。ACL是一种服务级别协定(ServiceLevelA-greement),保证各种业务得到所承诺的服务质量。本文根据ACL应用环境,对ACL进行分类,详细介绍在路由器和操作系统上配置A-CL的具体步骤,达到提高网络服务质量管理的目的。     

高职院校机房上网控制系统设计

介绍了一个高职院校机房上网控制系统软件的设计。软件采用批处理技术生成vbs脚本,通过telnet登录中心交换机进行访问控制列表ACL设置来控制网络的断连,软件小巧灵活,简单易用,满足需求,节省成本。     

ACL技术配置应用

本文介绍了ACL（Access Control List）在QOS（Quality Of Service）中的技术配置。ACL是一种服务级别协定（Service Level Agreement），保证各种业务得到所承诺的服务质量。本文根据ACL应用环境，对ACL进行分类，详细介绍在路由器和操作系统上配置ACL的具体步骤，达到提高网络服务质量管理的目的。     

ACL技术在网络控制及网络安全中的应用

随着网络规模的不断扩大,网络应用的不断发展,网络的控制和网络的安全等问题就变得十分的重要了,本文介绍了ACL的基本概念和功能,阐述了ACL的技术原理,并以H3C公司的路由器为例,列举了几种ACL在网络控制及网络安全中的应用。     

基于ACL的网络安全策略应用研究

计算机网络在极大地方便着人们生活的同时,也给使用者的信息安全带来了很多隐患.在保障计算机网络安全的技术中,ACL包过滤是一种被广泛使用的网络安全技术.介绍了ACL的基本原理、主要功能、分类以及包过滤流程,并以一个实际拓扑为例,针对常见的三种不同情况,详细论述了如何利用ACL技术增强网络安全的方法以及配置代码.     

基于ACL的企业园区网络安全设计

该文介绍了ACL技术的工作原理、分类、特性;分析了企业园区网络的特点和存在安全问题;最后给出了通过建立ACL规则来网络的安全性的方法.     

Nonstandard Analysis in ACL2

ACL2 refers to a mathematical logic based on applicative Common Lisp, as well as to an automated theorem prover for this logic. The numeric system of ACL2 reflects that of Common Lisp, including the rational and complex-rational numbers and excluding the real and complex irrationals. In conjunction with the arithmetic completion axioms, this numeric type system makes it possible to prove the nonexistence of specific irrational numbers, such as 2. This paper describes ACL2(r), a version of ACL2 with support for the real and complex numbers. The modifications are based on nonstandard analysis, which interacts better with the discrete flavor of ACL2 than does traditional analysis.     

基于Spring Security ACL的系统访问控制研究

Spring Security ACL是一个权限访问控制框架,主要用来控制各种资源的访问权限。本文讲述Spring Security ACL的机制原理和理论研究,同时也通过一个简单的权限控制实现的例子演示Spring Security ACL的安全框架的实现方法和过程。     

基于联合意图理论的团队交互增强性原语语义研究

目前主流的主体通信语言FIPA ACL对于形成团队协作求解存在通信原语支持不充分的问题.首先指出基于全责提议通信原语的FIPA ACL不能充分支持团队协作的原因,进而明确区分全责提议与联合提议,引入语义成分扩展定义了联合提议.通过以联合提议原语形成的团队性质定理之验证,从理论上使团队在以联合提议形式进行联合意图交流时,团队主体间的协作能力得到改进.     

利用ACL在校园网内实现安全管理

阐述了ACL(Access Control List)基本原理、分类及简单配置方法,并结合实际案例进行了分析并配置,说明如何在校园网中使用ACL进行网络层访问权限控制,提高网络整体性能和安全.     

An ACL for a Dynamic System of Agents

In this article we present the design of an ACL for a dynamic system of agents. The ACL includes a set of conversation performatives extended with operations to register, create, and terminate agents. The main design goal at the agent–level is to provide only knowledge–level primitives that are well integrated with the dynamic nature of the system. This goal has been achieved by defining an anonymous interaction protocol which enables agents to request and supply knowledge without considering symbol–level issues concerning management of agent names, routing, and agent reachability. This anonymous interaction protocol exploits a distributed facilitator schema which is hidden at the agent–level and provides mechanisms for registering capabilities of agents and delivering requests according to the competence of agents. We present a formal specification of the ACL and of the underlying architecture, exploiting an algebra of actors, and illustrate it with the help of a graphical notation. This approach provides the basis for discussing dynamic primitives in ACL and for studying properties of dynamic multi agent systems, for example concerning the behavior of agents and the correctness of their conversation policies.     

PostgreSQL中基于ACL的数据访问控制技术

数据库系统允许用户共享数据,但必须通过访问控制保证数据安全,防止数据的篡改、泄漏或丢失.PostgreSQL借助ACL(Access Control List)技术达到控制访问请求和信息保护的目的.该系统中的数据库对象都有一个ACL,只有出现在ACL中并且具有所需权限的用户才能够访问该对象.PostgreSQL将对象的ACL按抽象数据类型加以维护并用于访问控制,实现方法简洁,易于增强和扩展.它还通过用户组、ACL压缩等技术进一步优化数据访问控制的性能.同时对扩展列级授权给出建议.     

A Framework for Verifying Bit-Level Pipelined Machines Based on Automated Deduction and Decision Procedures

We describe an approach to verifying bit-level pipelined machine models using a combination of deductive reasoning and decision procedures. While theorem-proving systems such as ACL2 have been used to verify bit-level designs, they typically require extensive expert user support. Decision procedures such as those implemented in UCLID can be used to automatically and efficiently verify term-level pipelined machine models, but these models use numerous abstractions, implement a subset of the instruction set, and are far from executable. We show that by integrating UCLID with the ACL2 theorem-proving system, we can use ACL2 to reduce the proof that an executable, bit-level machine refines its instruction set architecture to a proof that a term-level abstraction of the bit-level machine refines the instruction set architecture, which is then handled automatically by UCLID. We demonstrate the efficiency of our approach by applying it to verify a complex, seven-stage, bit-level interface pipelined machine model that implements 593 instructions and has features such as branch prediction, exceptions, and predicated instruction execution. Such a proof is not possible using UCLID and would require prohibitively more effort using just ACL2. This research was funded in part by NSF grants CCF-0429924, IIS-0417413, and CCF-0438871.     

Some Remarks on the Semantics of FIPA's Agent Communication Language

The Foundation for Intelligent Physical Agents (FIPA) standardisation body has produced a set of specifications outlining a generic model for the architecture and operation of agent-based systems. The FIPA'97 Specification Part 2 is the normative specification of an Agent Communication Language (ACL) which agents use to talk to each other. The FIPA ACL is based on speech act theory. Its syntax is defined by performatives parameterised by attribute value pairs, while its semantics is given in terms of the mental states of the communicating agents (i.e. intentionality). However, it is not clear if the formal semantics is meant as a normative or informative specification. The primary purpose of this paper is then to give an expository analysis of the FIPA ACL semantics to clarify this situation. We also offer some guidelines motivated from our own analysis, experience and understanding of how the semantic definitions and logical axioms should be interpreted and applied. However, our conclusion is that while the FIPA ACL specification offers significant potential to a developer using it for guidance, there are limitations on using an agent's mental state to specify the meaning of a performative as part of a normative standard. We consider some possibilities for making improvements in this direction.     

Theory Extension in ACL2(r)

ACL2(r) is a modified version of the theorem prover ACL2 that adds support for the irrational numbers using nonstandard analysis. It has been used to prove basic theorems of analysis, as well as the correctness of the implementation of transcendental functions in hardware. This paper presents the logical foundations of ACL2(r). These foundations are also used to justify significant enhancements to ACL2(r).      

Structured Theory Development for a Mechanized Logic

Experience has shown that large or multi-user interactive proof efforts can benefit significantly from structuring mechanisms, much like those available in many modern programming languages. Such a mechanism can allow some lemmas and definitions to be exported, and others not. In this paper we address two such structuring mechanisms for the ACL2 theorem prover: encapsulation and books. After presenting an introduction to ACL2, this paper justifies the implementation of ACL2s structuring mechanisms and, more generally, formulates and proves high-level correctness properties of ACL2. The issues in the present paper are relevant not only for ACL2 but also for other theorem-proving environments.