| 一种基于访问控制的安全Web服务发现机制 |
| |
| 引用本文: | 韩隽,淮晓永,赵琛.一种基于访问控制的安全Web服务发现机制[J].计算机工程,2008,34(7):137-138. |
| |
| 作者姓名: | 韩隽 淮晓永 赵琛 |
| |
| 作者单位: | 1. 中国科学院软件研究所互联网技术实验室,北京,100080;中国科学院研究生院,北京,100039
2. 中国科学院软件研究所互联网技术实验室,北京,100080 |
| |
| 摘 要: | 当前的Web服务发现机制大多依赖集中式的统一描述、发现和集成注册中心,但组织机构出于安全和地域的考虑,倾向于构建私有的分布式注册中心,只有注册且可信的请求者才能浏览到他们有权限访问的服务信息。该文给出Web服务发现阶段基于角色的访问控制模型RBAC4WSD,发现代理依照服务提供者指定的安全策略对请求者实施访问控制,并以跨国公司内部的文档服务为例介绍原型系统的实现。
|
| 关 键 词: | Web服务 发现代理 统一描述、发现和集成 基于角色的访问控制 隐私保护 |
| 文章编号: | 1000-3428(2008)07-0137-02 |
| 修稿时间: | 2007年5月9日 |
Secure Web Services Discovery Method Based on Access Control |
| |
| HAN Jun,HUAI Xiao-yong,ZHAO Chen.Secure Web Services Discovery Method Based on Access Control[J].Computer Engineering,2008,34(7):137-138. |
| |
| Authors: | HAN Jun HUAI Xiao-yong ZHAO Chen |
| |
| Affiliation: | (1. Lab for Internet Technology, Institute of Software, Chinese Academy of Sciences, Beijing 100080; 2. Graduate University of Chinese Academy of Sciences, Beijing 100039) |
| |
| Abstract: | Most current Web services discovery methods rely on centralized UDDI registries. Due to the security and area, organizations usually build distributed private registries and enforce access control mechanisms. The registered and trusted people can browse the information of services they have permissions to access. A RBAC model for Web services discovery phase named RBAC4WSD is proposed. Discovery agencies are designed to perform access control on service requestors upon security policies specified by service providers. In terms of a scenario of distributed document service within a multinational company, a prototype system is described. |
| |
| Keywords: | Web services discovery agency lUDDI RBAC privacy protection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
