Web服务中的基于快速信任的访问控制模型 |
| |
引用本文: | 马晓明.Web服务中的基于快速信任的访问控制模型[J].齐齐哈尔轻工业学院学报,2009(6):11-15. |
| |
作者姓名: | 马晓明 |
| |
作者单位: | 中国网通集团齐齐哈尔市分公司,黑龙江齐齐哈尔161000 |
| |
摘 要: | OASIS的WEB服务安全规范,不提供信任评估和授权决策的支持。文中针对于Web服务下,虚拟临时组织中的访问控制和授权,设计了一种基于怏速信任的访问控制模型(WS—STBAC,SwiftTrust—Based Access Control for Web Service),一种与认证中心相类似的中间件。WS—STBAC南策略管理、信任度计算和授权决策3个模块组成。在获得提供方的访问控制策略和信任计算所需的数据和算法之后,WS—STBAC计算对请求方的信任度。并根据访问控制策略,代替服务提供方进行授权决策。
|
关 键 词: | Web服务 虚拟临时组织 快速信任 访问控制 |
A swift-trust-based access control of Web service |
| |
Authors: | MA Xiao-ming |
| |
Affiliation: | MA Xiao-ming ( Qiqihar Brance Company, Chinese Wangtong Group, Heilongjiang Qiqihar 161000, China ) |
| |
Abstract: | The Web service security standards of OASIS can not support trust evaluation and decision-making using trust information. In this paper, in order to solve access control and authorization in virtual temporary team of web service, a SwiftTrust-Based Access Control for Web Service (WS-STBAC) is designed. WS-STBAC is a kind of middleware like authentication center, and composed of three modules: policy management, trust value computing, and decision-making of authentication. Receiving access control policy, Algorithm and datum about trust computing from providers, WS-STBAC computes trust value of requestors. And based on policy, WS-STBAC decides whether to give requestors authorization, instead of providers. |
| |
Keywords: | Web Service virtual temporary team swift trust access control |
本文献已被 维普 等数据库收录! |
|