期刊文献+

基于属性的跨域访问方法研究 被引量:1

Research on the Method of Attributes-based Cross-domain Access
下载PDF
导出
摘要 针对基于IRBAC2000模型的跨域访问过程中所面临的动态性和细粒度问题,文章提出了一个基于属性同步的跨域访问控制框架,在此框架下,研究了一种基于属性同步的跨域访问控制方法,该方法将主体属性分成动态属性和静态属性,采用三种信令对跨域过程中的动态属性进行同步更新,从而更动态,更细粒度的对跨域的用户进行实时授权,并在跨域访问过程中采用推拉方法实现请求域和资源域属性的同步,将请求域主体的属性变化及时、主动地在资源域反应,实现了授权规则的快速匹配。该方法改进了IRBAC2000跨域访问的不足。 This paper purposes a cross-domain access control framework base on the attributes synchronization, and purposes a cross-domain access control method in the framework, this method achieves the attributes synchronization between the base domains and outside domains. The method can timely and actively response the changing of the subject attributes to the outside domain, achieves fast matching of the mandated rules and dynamic authority in the cross-domain process. This method improves dynamic cross-domain access problems of IRBAC2000 too.
作者 王福 周家晶
出处 《信息网络安全》 2011年第9期123-125,132,共4页 Netinfo Security
关键词 跨域访问控制 属性 属性同步 动态性 attributes-based access control cross-domain access dynamic attributes synchronization
  • 相关文献

参考文献4

二级参考文献24

  • 1袁平鹏,陈刚,董金祥.多政策的两层协同应用存取控制模型[J].计算机辅助设计与图形学学报,2004,16(4):420-426. 被引量:19
  • 2ISO/IEC 18028-3,信息技术.安全技术.IT网络安全.第3部分:使用安全网关的网络间的安全通信[S].Switzerland:ISO/IEC,2005.
  • 3FERRAIOLO D,SANDHU R,GAVRILA S.et al.Proposed NIST standard for role-based access control[J].ACM Trans on Information and System Security,2001,4(3):224-274.
  • 4YUAN E,TONG J.Attribute based access control(ABAC) for Web services[C]//Proc of IEEE International Conference on Information Technology:Coding and Computing.Orlando,Florida:IEEE Computer Society,2005:561-569.
  • 5PARK J,SANDHU R.The UCONABC usage control model[J].ACM Trans on Information and System Security,2004,7(1):128-174.
  • 6KAPADIA A,MUHTADI J A,CAMPBELL R H,et al.IRBAC secure interoperability using dynamic role translation,UIUCDCS-R-2000-2162[R].[S.l.]:University of Illinois,2000.
  • 7DENKER G,MILLEN J,MIYAKE Y.Cross-domain access control via PKI[C]//Proc of the 3rd International Workshop on Policies of Distributed Systems and Networks.[S.l.]:IEEE Press,2002:202-205.
  • 8DEMCHENKO Y,De LAAT C,GOMMANS L,et al.Domain based access control model for distributed collaborative applications[C]//Proc of the 2nd IEEE International Conference on E-Science and Grid Computing.[S.l.]:IEEE Computer Society,2006:24.
  • 9DEMCHENKO Y,GOMMANS L,De LAAT C.Extending role based access control model for distributed multidomain applications[C]//Proc of International Federation for Information Processing.Boston:Springer,2007:301-312.
  • 10Department of Defense.Department of Defense Directive 8500.1[EB/OL].(2002)[2007-04-23].http://www.dtic.mil/whs/directives/corres/pdf/850001p.pdf.

共引文献35

同被引文献4

引证文献1

二级引证文献2

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部