期刊文献+

面向服务的角色访问控制技术研究 被引量:56

Service-Oriented Role-Based Access Control
下载PDF
导出
摘要 面向服务的体系结构具有开发效率高、响应快、费用低等优点.但是由于其结构的松散耦合性和计算的动态性,从而造成其安全管理更为复杂.文章首先回顾了访问控制技术的发展,然后提出了一个面向工作流和服务的基于角色访问控制模型.在这个模型中,通过引入服务和授权迁移的概念,加强了对动态服务架构的描述能力.模型对用户角色权限的控制,是通过实际任务和服务状态进行管理的,这样能够有效地加强访问控制的灵活性和系统的安全性. Service-oriented architecture (SOA) is an evolution of client/server architecture. A SOA-based system can transparently incorporate services running on different software platforms. It could drive the costs down by achieving automated code generation, reuse, and interoperability. But it will cause the complexity of security management due to its loose-couple and dynamic characteristics. The paper first reviews the development of access control technology, and then presents a workflow-based and services-oriented role-based access control (WSRBAC) model. In the model, the authors introduce two notions of services and authorization transfer to describe dynamic service-oriented architecture. In WSRBAC model, access control system can make its access control decisions by capturing practical relevant environmental context. It can realize access control with dynamic grant and adapt permissions based on the state of workflows and services. This model can enhance system security and provide flexibility in access control system.
出处 《计算机学报》 EI CSCD 北大核心 2005年第4期686-693,共8页 Chinese Journal of Computers
基金 国家自然科学基金(60473091) 国家"八六三"高技术研究发展计划项目基金(2003AA142010)资助.
关键词 面向服务 安全 访问控制 角色 工作流 Computer networks Formal languages Information management Middleware Security of data
  • 相关文献

参考文献11

  • 1邓集波,洪帆.基于任务的访问控制模型[J].软件学报,2003,14(1):76-82. 被引量:222
  • 2Gladney H.M., Meyers J.J., Worley E.L. Access control mechanism for computing resources. IBM Systems Journal, 1975, 14(3): 212~228
  • 3Anderson J.P. Computer security technology planning study. Air Force Electronic Systems Division, Hanscom AFB, Bedford, MA: Technical Report ESDTR-73-51, 1972
  • 4Xu Feng, Xie Jun, Huang Hao, Xie Li. Context-aware role-based access control model for Web services. Lecture Notes in Computer Science 3252, 2004, 430~436
  • 5Ferraiolo David, Kuhn Richard. Role-based access controls. In: Proceedings of the 15th NIST-NCSC National Computer Security Conference, Baltimore, MD, 1992, 554~563
  • 6Sandhu R., Conyne E.J., Lfeinstein H.L. et al. Role based access control models. IEEE Computer, 1996, 29(2): 38~47
  • 7Ferraiolo D.F., Sandhu R., Guirila S., Kuhn D.R., Chandramouli R. Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security, 2001, 4(3): 224~274
  • 8Xu Feng, Lin Guo-Yuan, Huang Hao, Xie Li. Role-based access control system for Web services. In: Proceedings of the 4th International Conference on Computer and Information Technology (CIT'04), Wuhan, 2004, 357~362
  • 9Thomas R.K., Sandhu R. Task-based authentication controls (TABC): A family of models for active and enterprise-oriented authentication management. In: Proceedings of the IFIP WG11.3 Workshop on Database Security, London, 1997, 166~181
  • 10Sudhir Agarwal, Barbara Sprick. Access control for semantic Web services. In: Proceedings of IEEE International Conference on Web Services (ICWS'04), San Diego, California,USA, 2004, 770~773

二级参考文献1

共引文献221

同被引文献369

引证文献56

二级引证文献222

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部