| 基于策略的Web服务访问控制研究 |
| |
| 引用本文: | 沈海波,洪帆.基于策略的Web服务访问控制研究[J].计算机科学,2007,34(5):107-110. |
| |
| 作者姓名: | 沈海波 洪帆 |
| |
| 作者单位: | 华中科技大学计算机学院,武汉,430074;华中科技大学计算机学院,武汉,430074 |
| |
| 基金项目: | 湖北省自然科学基金
,
湖北省教育厅科研项目 |
| |
| 摘 要: | 资源的访问控制是开放、异构Web服务环境必须满足的重要安全需求之一。提出了基于策略的访问控制(PBAC)模型,比较了PBAC与基于角色的访问控制(RBAC),分析了PBAC对策略语言和策略管理架构的需求;基于扩展访问控制语言(XAC№)和基于属性的访问控制(舢五地)模型,提出了一种基于策略的访问控制方法。这种方法满足了Web服务对互操作性、管理灵活性和系统规模性的需求。最后,对语义策略语言进行了展望。
|
| 关 键 词: | Web服务 基于属性的访问控制 策略 XACML |
Study on Policy-based Access Control for Web Services |
| |
| SHEN Hai-Bo,HONG Fan.Study on Policy-based Access Control for Web Services[J].Computer Science,2007,34(5):107-110. |
| |
| Authors: | SHEN Hai-Bo HONG Fan |
| |
| Affiliation: | School of Computer, Huazhong University of Science and Technology, Wuhan 430074 |
| |
| Abstract: | Access control to resources is one of the most important requirements to be satisfied in open,heterogeneous Web service environment.A Policy-Based Access Control(PABC)model is proposed,and PBAC is compared with Role-Based Access Control(RABC).The requeirements for policy language and policy management architecture in PBAC are analyzed.Based on eXtensible access control language(XACML)and attribute-based access control(ABAC)model,a policy-based access control approach is proposed in this paper.This approach satisfies the requirements of the interoperability,flexibility and scalability to the Web service environment.In the end,senmantic policy language is prospected. |
| |
| Keywords: | Web service Attribute-based access control Policy XACML |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机科学》浏览原始摘要信息 |
|
点击此处可从《计算机科学》下载全文 |
|
