期刊文献+

基于UCON的访问控制的应用 被引量:1

Application Research of Access Control Based on UCON
下载PDF
导出
摘要 针对如何解决开放式网络环境中的访问控制问题展开研究,将UCON模型与Flask安全体系结构结合,提出并设计了基于UCON的访问控制框架,将其应用到Web系统中,实现了其在"数字化校园"中的应用。该框架允许管理员为应用制定更为精确、更为细粒度的安全策略,同时其动态的授权机制使访问控制决策取决于策略中多种有效的上下文限制条件。设计的基于UCON的访问控制框架支持灵活、动态的访问控制、分布式应用和统一的策略管理,解决了开放式网络环境中复杂的访问控制问题。 This article studies how to solve the open network access control,presents and designs an access control framework based on UCON by combining UCON model with Flask security system structure.Through web system,this framework makes the realization of 'digital campus' application.The framework allows the administrators to develop more accurate,more fine-grained security policy for the application,while its dynamic authorization mechanism makes access control decisions made by a variety of effective instructions.Flexible and dynamic access control,distributed applications and unified policy management are well supported in this framework so that the complex access control issues in an open network environment are settled.
作者 白瑜
出处 《电力学报》 2012年第6期593-602,共10页 Journal of Electric Power
关键词 信息系统 UCON框架 访问控制 认证服务器 决策服务 information systemaccess control UCON framework authentication server decision service
  • 相关文献

参考文献8

二级参考文献145

  • 1俞银燕,汤帜.一种具有硬件适应性的数字内容版权保护机制[J].北京大学学报(自然科学版),2005,41(5):800-808. 被引量:13
  • 2[1]Sandhu, R. Issues in RBAC . In: Proceedings of the ACM RBAC Workshop. MD: ACM Press, 1996. 21~24.
  • 3[2]Jaeger, T. On the increasing importance of constraints. In: Proceedings of 4th ACM Workshop on Role-Based Access Control. Fairefax, VA: ACM Press, 1999. 33~42.
  • 4[3]Ahn, G.-J. The RCL2000 language for specifying role-based authorization constraints [Ph.D. Thesis]. Fairfax, VA: George Mason University, 1999.
  • 5[4]Sandhu, R., Coyne, E.J., Feinstein, H.L., et al. Role-Based access control models. IEEE Computer, 1995,29(2):38~47.
  • 6[5]Chen, Fang, Sandhu, R. Constraints for role-based access control. In: Proceedings of the ACM RBAC Workshop. MD: ACM Press, 1996. 39~46.
  • 7[1]Bertino E,Ferrari E,Atluri V.An Approach for the Specification and Enforcement of Authorization Constraints in Workflow Management Systems[J].ACM Transactions on Information Systems Security, 1999; 1 (1)
  • 8[2]Castano S,Casati F,Fugini M.Managing Workflow Authorization Constraints through Active Database Technologh[J].Information Systems Frontiers, 2001; 3 (3)
  • 9[3]Shengli Wu,Amit Sheth John Miller,Zongwei Luo. Authorization and Access Control of Application Data in Workflow Systems[J].Intelligent Information Systems,2002-01:71~94
  • 10[4]S Jajodia,P Samarati,M L Sapino et al.Subrahmanian,Flexible Support for Multiple Access Control Policies[J].ACM Transactions on Database Systems,2001 ;26(2) :214~260

共引文献364

同被引文献5

引证文献1

二级引证文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部