摘要
Web服务分布式、异构的本质,使得对服务请求者进行身份认证和授权变得复杂,针对这些问题提出了一个基于SAML,XACML,RBAC等关键技术的身份认证与访问控制模型。该模型采用SAML辅件技术实现Web服务的单点登录;用XACML实现RBAC模型,简化授权管理,同时达到对资源的细粒度访问控制的目标;用扩展的SAML语法支持XACML信息的安全有效传输。
Web service's distributed, heterogeneous nature, made the service to those requesting for authentication and authorization complex. In response to these issues, the paper proposed an identity authentication and access control model based on the key technologies such as SAML, XACML, RBAC, and etc. The model used SAML artifact technology to realize single sign-on of Web services, XACML made RBAC model implemented, simplifyied the management of authorization, and achieved the goal of access control of fine-grained resource at the same time, extension of the SAML syntax to support the safe and effective transmission of XACML information.
出处
《电脑与信息技术》
2009年第3期64-66,共3页
Computer and Information Technology
