基于开放逻辑R反驳计算的访问控制策略精化

策略精化是解决分布式应用访问控制策略配置复杂性的重要方法,现有精化技术给出了策略分层描述和逐层精化的方法,但处理策略之间关联问题的能力不足.基于精化树描述策略和策略关联,基于叶结点策略冲突判断,采用开放逻辑R反驳计算分析精化树策略关联属性,能够消解策略冲突同时保证策略互斥、组合、访问路径协同、精化映射等关联正确,并能够按序消解不同类型策略冲突、自由取舍相冲突的策略.实验与分析计算性能表明,该方法符合SaaS平台客户应用系统策略精化需求.     

分布式应用访问控制策略精化与冲突分析技术

策略精化是面向服务分布式应用访问控制策略配置的重要方法。分析了现有策略精化技术,包括系统和策略分层描述、推导下层协同控制策略的方法、策略精化中的策略冲突分析与消解方法、策略精化完全性和一致性、纵深防御协同策略一致性、应用策略组合与互斥约束等策略之间的关联属性分析方法。通过分析发现,策略关联属性分析能力不足是影响精化能力的关键问题。进一步分析了现有策略冲突分析技术的关联属性分析、分布式应用适用性和计算可扩展性。基于分析结果,提出了一些提高策略精化能力以适应面向服务的分布式应用的研究问题。     

组合Web服务访问控制策略合成研究

针对Web服务多域环境下组合服务的访问控制策略合成问题,首先提出基于属性的Web服务访问控制策略描述框架,并结合原子属性值限制的属性描述方法,对服务访问控制策略进行了形式化表达。然后,通过分析服务组合描述文档中的控制结构,并研究访问控制策略合成算子和访问控制策略规则的合成运算,提出组合Web服务访问控制策略合成方法,实现了组合服务访问控制策略的合成。最后,结合实例给出组合Web服务的访问控制策略合成流程,验证了合成方法的实用性。     

基于属性树的Web服务访问控制模型

提出了基于属性树的Web服务访问控制模型,引入属性树来描述结构化属性,使用限制树来描述结构化属性的各种限制,解决了结构化属性的描述、属性的限制评估以及策略描述等问题。     

基于属性的内部文档访问控制

采用基于属性的访问控制模型思想,实现了分布式环境下的内部文档访问控制.采用F-Logic语言,描述了访问控制策略,具有良好的结构化知识的描述能力.采用FLORA-2作为逻辑推理引擎,具有更好的通用性.在统一的访问控制框架下,以具体应用为例,描述了基于属性的内部文档访问控制实现过程中的各个要素,包括属性描述、访问控制请求描述、策略描述.     

基于属性访问控制策略管理方法

针对云计算下基于属性访问控制策略容易被第三方修改造成资源被恶意访问的情况和现有策略检索方法效率低的问题,提出基于默克尔-帕特里夏树(MPT)和布隆过滤器(Bloom Filter)的属性访问控制策略管理方法.为访问控制策略集合构建一棵MPT树,通过PDP进行验证的方式监督策略是否被修改,把策略集合通过Hash函数映射到...     

网格环境中基于语义的ABAC属性研究

为解决网格环境中域间互操作时基于属性的访问控制(attribute based access control,ABAC)策略之间的语义异构问题,提出一种利用属性语义信息辅助域间安全策略表示的方法.根据主客体及环境属性的多样性和二义性等特点,对EduPerson规范、SAML属性轮廓、QoS测度等领域知识进行分析,并构建出SHIQ(D)描述逻辑的通用属性本体UniAttOnt.在此基础上,给出了利用本体知识使用属性语义信息辅助属性一致性检测和策略表示等的具体方法,最后的实例分析表明了该方法的可行性.     

服务集成总线中基于属性的策略服务的研究

为了增强服务集成总线的中介能力,提高面向服务架构的服务质量,保证分布式系统的安全性,对可扩展访问控制标记语言进行了研究及拓展,使其不仅可以描述访问控制策略,也可以应用到路由选择策略,进而设计了SIB中的基于属性的策略服务,着重考虑访问控制策略和路由选择策略,使SIB具有智能路由能力和访问控制能力.在此基础上,为处理大规模策略存储的情况,提出了一套改进的策略库模型,提高策略判定效率.     

基于属性的访问控制策略逻辑融合框架研究

基于属性的访问控制策略合并在大规模分布式多域环境下有着重要的应用背景.从现有文献关于基于属性的访问控制策略合成的研究结论出发,提出了一种逻辑融合框架,用以描述各种策略合并场景,并用实例对其进行了应用分析.该框架不仅能支持已有工作,而且能描述动态的策略合成方法.随后引入一个推理系统,根据它可以形式地验证合并出的新策略的一致性,并给出所提策略逻辑对访问请求的一种评估方法,保障了策略融合的正确性,进一步增强了策略融合方法的适用性.     

一种遗留系统中访问控制策略的再工程方法

基于角色的访问控制是目前应用最广泛且先进的安全控制机制.针对它被广泛应用于新软件,却未被遗留系统普遍采用的问题,提出一种访问控制策略的再工程方法.方法定义了描述、操作和评估访问控制策略的面向转换的访问控制策略语言,研究了提取遗留访问控制策略的方法,并给出将角色引入遗留访问控制策略的转换规则和算法.案例分析表明方法是可行的,它能够使用角色和角色层次重组遗留访问控制策略,以改善遗留系统的访问控制机制.     

一种基于策略元素三元组的策略描述语言

分析常用策略描述语言的缺点,总结策略的主要配置方式,分析策略的组成成员,提出策略主要元素ECA三元组并给出其关系,设计一种基于ECA的策略描述语言,阐述其相关的词法和语法并进行适应性验证。该语言简单实用,克服了当前常用策略描述语言在策略管理中的缺陷,统一了大规模网络环境下各种网络安全设备策略的描述。     

Optimal procurement, disposal and pricing policies for managing rental goods

Consider a video rental retailer who procures DVDs or video cassettes from a distributor and rents them to the customers. To meet the time‐varying rental demand, the retailer needs to develop cost‐effective procurement and disposal policies. In this paper, we first present a base model in which the underlying rental demand is decreasing over time, backorders are not allowed and the disposal price is exogenous. For this base model, we show that the optimal procurement quantity is equal to the sum of effective demands (rental demand net of returns) over an integral number of periods, and the optimal disposal policy can be determined by solving a simple dynamic program with polynomial complexity. We then analyze the case of endogenous disposal prices and derive optimal disposal policies by solving a quadratic optimization problem with tree constraints. We also extend the base model to allow for backorders and to cases where the retailer has multiple procurement opportunities and a contractual period where disposals are not allowed. We show that the qualitative nature of the procurement policy is preserved in these cases and the optimal procurement and selling policies can be determined using similar dynamic programming algorithms.     

VPN系统中安全策略系统的设计与实现

VPN技术是解决网络端到端连接的安全问题的一条有效途径,其中的关键方面就是建立适合网络需求的安全策略,而安全策略由一条或多条描述特定行为的规则组成。本文对安全策略模块进行了研究,提出了一个安全策略模型,分析了安全策略管理器中规则的角色和状态转换并加以实现。实验结果表明,VPN系统工作正常,性能稳定。     

Scalable model‐based configuration management of security services in complex enterprise networks

Security administrators face the challenge of designing, deploying and maintaining a variety of configuration files related to security systems, especially in large‐scale networks. These files have heterogeneous syntaxes and follow differing semantic concepts. Nevertheless, they are interdependent due to security services having to cooperate and their configuration to be consistent with each other, so that global security policies are completely and correctly enforced. To tackle this problem, our approach supports a comfortable definition of an abstract high‐level security policy and provides an automated derivation of the desired configuration files. It is an extension of policy‐based management and policy hierarchies, combining model‐based management (MBM) with system modularization. MBM employs an object‐oriented model of the managed system to obtain the details needed for automated policy refinement. The modularization into abstract subsystems (ASs) segment the system—and the model—into units which more closely encapsulate related system components and provide focused abstract views. As a result, scalability is achieved and even comprehensive IT systems can be modelled in a unified manner. The associated tool MoBaSeC (Model‐Based‐Service‐Configuration) supports interactive graphical modelling, automated model analysis and policy refinement with the derivation of configuration files. We describe the MBM and AS approaches, outline the tool functions and exemplify their applications and results obtained. Copyright © 2010 John Wiley & Sons, Ltd.     

Policies in network and systems management—Formal definition and architecture

The task of managing information technology resources becomes increasingly complex as managers must take heterogeneous systems, different networking technologies, and distributed applications into consideration. As the number of resources to be managed grows, the task of managing these devices and applications depends on numerous system and vendor specific issues. To prevent the operators from drowning in excessive detail, the level of abstraction needs to be raised in order to hide system and network specifics. Policies that are derived from the goals of management define the desired behavior of distributed heterogeneous systems and networks, and specify means to enforce this behavior. A formal definition of policies is presented and examples of policies from network and systems management are given to illustrate the concept. An architecture is introduced to show how a policy system can be realized.     

Rule-Based Building-Block Architectures for Policy-Based Networking

We developed two rule-based building-block architectures, i.e., pipe-connection and label-connection architectures, for describing complex and structured policies, especially network QoS policies. This study focuses on the latter. The relationships or connections between building blocks are specified by the data flow and control flow between them. The data flow is specified by tags, including virtual flow labels (VFLs), which are data attached to outside packets. The control flow can be classified and specified by four control structures: concatenation, parallel application, selection, and repetition. We have designed fine-grained and coarse-grained building blocks and methods for specifying data flow and control flow in differentiated services (Diffserv), and implemented the coarse-grained ones in a policy server. Two cases of building-block use are described, and we concluded that there are five advantages of building-block-based policies, i.e., expressibility, uniform semantics, simplicity, flexibility, and management-task-oriented design. We also developed techniques for transforming building-block policies into executable ones, which are called policy division and fusion.     

可移植对象适配器策略机制的分析与设计

可移植对象适配器POA模型是CORBA规范中一个核心模型，它是CORBA为了规范服务器应用程序的开发以及解决服务器程序在不同ORB产品之间无需修改地进行移植问题而提出的 ，POA策略是其关键特性。本文对POA模型中的七个标准策略的特点、应用场合以及各种策略组合进行了深入的分析，在此基础上设计实现了POA策略机制，提供了灵活的策略创建、策略管理手段，使得应用开发者可以根据需要灵活地对POA进行动态配置，从而满足了不同应用的需求。     

An investigation of microcomputer policies in large organizations

Most large organizations are already integrating microcomputers into their information processing activities. As this integration matures, we should expect to see fully-developed policy statements which encourage the productive use of these versatile new tools. This research, based upon extensive interviews of managers in charge of microcomputing in large organization, measures the extent to which microcomputer policies are in place and classifies the nature of the policy statements themselves.     

开放实现与计算反射技术综述

1.引言传统上软件开发遵循这样的原则:模块应提供表达其功能的接口,同时应隐藏其实现细节。这个原则被非正式地称为“黑盒抽象”,是软件设计的一个基本方法学原则,也是其他研究方向比如可移植性、重用、组件软件、软件工程方法、标准式设计等的基石。但是近年来随着软件重用技术和软件可扩展性技术的发展,人们对这样一个软件基本准则提出了疑问。主要的疑问是:模块的最佳实现策略在不知道模块的具体使用环境的情况下是不能确定的。也就是说,用户(模块的使用者)而不是模块的设计者通常知道实施方案的最佳策略。但在黑盒抽象原则下,设计者过早地确定了实现策略.并且在黑盒中固化,用户不能改变这些策略.因而往往不能满足用户的需求。     

访问控制策略描述语言与策略冲突研究

访问控制技术是网络安全防范和保护的主要方法,能保证信息的完整性和机密性。随着计算机、互联网和无线通信技术的高速发展,网络安全问题日益严重,访问控制策略的研究已成为计算机学科的一个热点课题。本文首先介绍了五种主要的访问控制策略描述语言,分析了各自的特点及适用环境;然后总结了访问控制策略冲突产生的原因、类型、冲突检测以及冲突消解方法;最后给出了访问控制策略研究的发展趋势。