摘要
针对如何解决开放式网络环境中的访问控制问题展开研究,将UCON模型与Flask安全体系结构结合,提出并设计了基于UCON的访问控制框架,将其应用到Web系统中,实现了其在"数字化校园"中的应用。该框架允许管理员为应用制定更为精确、更为细粒度的安全策略,同时其动态的授权机制使访问控制决策取决于策略中多种有效的上下文限制条件。设计的基于UCON的访问控制框架支持灵活、动态的访问控制、分布式应用和统一的策略管理,解决了开放式网络环境中复杂的访问控制问题。
This article studies how to solve the open network access control,presents and designs an access control framework based on UCON by combining UCON model with Flask security system structure.Through web system,this framework makes the realization of 'digital campus' application.The framework allows the administrators to develop more accurate,more fine-grained security policy for the application,while its dynamic authorization mechanism makes access control decisions made by a variety of effective instructions.Flexible and dynamic access control,distributed applications and unified policy management are well supported in this framework so that the complex access control issues in an open network environment are settled.
出处
《电力学报》
2012年第6期593-602,共10页
Journal of Electric Power
关键词
信息系统
UCON框架
访问控制
认证服务器
决策服务
information systemaccess control
UCON framework
authentication server
decision service