| 一个具有强授权特性的网格安全框架 |
| |
| 引用本文: | 侯孟波,徐秋亮. 一个具有强授权特性的网格安全框架[J]. 计算机应用, 2005, 25(5): 1145-1147 |
| |
| 作者姓名: | 侯孟波 徐秋亮 |
| |
| 作者单位: | 山东大学,计算机科学与技术学院,山东,济南,250061;山东大学,计算机科学与技术学院,山东,济南,250061 |
| |
| 基金项目: | 国家自然科学基金资助项目(60373026),山东省自然科学基金资助项目(Y2003G02) |
| |
| 摘 要: | 网格安全技术主要解决网格环境中实体之间的认证和授权问题。Globus网格项目中的GSI(Grid Secudty Infrastmcture)主要基于X.509技术实现身份认证以及数据的机密性、完整性和抗否认性,重点解决了认证和消息保护问题,然而在授权问题上缺乏必要的技术支撑。在分析现有安全技术的基础上,提出了将基于X.509的PKI技术和PMI技术相结合的网格安全框架,旨在实现基于安全认证基础之上网格用户和虚拟群组实体间的安全授权机制,从而构建强认证、强授权的网格安全基础设施。
|
| 关 键 词: | 网格安全 GSI 公开密钥基础设施 授权管理基础设施 Kerberos |
| 文章编号: | 1001-9081(2005)05-1145-03 |
Enhanced strong authorization grid security architecture |
| |
| HOU Meng-bo,XU Qiu-liang. Enhanced strong authorization grid security architecture[J]. Journal of Computer Applications, 2005, 25(5): 1145-1147 |
| |
| Authors: | HOU Meng-bo XU Qiu-liang |
| |
| Abstract: | Authentication and Authorization are the main concerns in the research of grid security technology. GSI of the Globus Project proposes a grid security infrastructure based on X.509 to provide authentication, data confidentiality, integrity and non-reputation. It focuses primarily on authentication and message protection, while lacking strong support for delegation and authorization. Several popular security solving schemes were analyzed, and a scheme based on the combination of PKI/PMI of X.509 standard was given, trying to enhance the authorization mechanism between the grid users and subjects of virtual organizations, hence to construct more secure grid security infrastructure. |
| |
| Keywords: | grid security GSI PKI PMI Kerberos |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
