|
|||||
|
|
| 一种基于策略的跨自主域访问控制模型研究 | |
| 引用本文: | 武鹏,梁英,陈皓,王新.一种基于策略的跨自主域访问控制模型研究[J].微电子学与计算机,2008,25(9). |
| 作者姓名: | 武鹏 梁英 陈皓 王新 |
| 作者单位: | 1. 中国科学院,计算技术研究所,北京,100190;中国石油大学,北京,计算机科学与技术系,北京,102249 2. 中国科学院,计算技术研究所,北京,100190 3. 中国科学院,计算技术研究所,北京,100190;中国科学院,研究生院,北京,100049 4. 中国石油大学,北京,计算机科学与技术系,北京,102249 |
| 基金项目: | 国家高技术研究发展计划(863计划),国家重点基础研究发展计划(973计划) |
| 摘 要: | 针对分布式环境下各自主域访问控制模型的异构性以及跨域访问中域自治与协作问题,提出了一种基于策略的跨自主域访问控制模型.该模型通过自主域间访问主体的不同粒度映射机制,支持域间的安全互操作;通过安全控制器并结合基于XACML的访问控制策略,实现了域间用户权限的逻辑整合.各域的相关权限信息封装在域内,既保持原有的独立性又实现了域间的协作,同时屏蔽了域间主体差异,解决了不同域系统互不认知和异构访问控制模型映射问题. |
| 关 键 词: | 访问控制 策略 跨域访问控制 XACML |
Research on Policy-based Cross-Domain Access Control Model |
|
| WU Peng,LIANG Ying,CHEN Hao,WANG Xin.Research on Policy-based Cross-Domain Access Control Model[J].Microelectronics & Computer,2008,25(9). | |
| Authors: | WU Peng LIANG Ying CHEN Hao WANG Xin |
| Abstract: | Autonomous domain access control model is heterogeneous and every domain is autonomous and cooperated each other when visits of cross-domain occur in Distributed environment.In this paper a policy-based across autonomous domain access control model is proposed.Different level mapping mechanism is used to support the security interoperability of across-domain in this model.Achieve integration of inter-domain user's access rights in logic through security controller combined with the XACML-based access control strategy.The relevant authority of the domain information is encapsulated.So it is not only maintaining the domain's independence and collaboration but also shielding the subjects' differences of domain and resolving the issues that different domain systems are not cognitive and access control model is heterogeneous. |
| Keywords: | access control policy across-domain XACML |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! | |