期刊文献+

Web服务下基于属性的动态访问控制模型研究 被引量:1

Research of Dynamic Attribute-based Access Control Model in Web Service Environment
下载PDF
导出
摘要 针对面向服务的访问控制系统环境所具有的分布性、异构性和动态性特点,在分析了Web Service下访问控制主客体授权和上下文环境关联的基础上,提出了一种Web服务环境下基于属性的访问控制模型。采用Apache Axis2作为SOAP引擎,结合Sun XACML等相关开源工具完成了Web服务环境下ABAC模型的一个实现。本文所提模型,可以有效实现基于主体、客体和当前环境的属性来动态地、细粒度地进行WEB服务环境下的动态访问控制。 According to distribution, heterogeneity and dynamic characteristics that the service-oriented access conrol system environment has, an attribute-based access control model in web service is proposed on the basis of analyzing access control authorization of subject and object in web service and context correlation. Using Apache Axis2 as SOAP engine and combining with open source tools such as Sun XACML,it completes the ABAC model for web services environment. The model proposed in this paper can effectively achieve the dynamic access control for web services based on the attributes of subject, object and the current environment, dynamically and fine-grainedly.
作者 陈凯 郭银章
出处 《太原科技大学学报》 2014年第3期175-179,共5页 Journal of Taiyuan University of Science and Technology
基金 山西省自然科学基金(2012011015-5) 太原科技大学博士基金(20122022)
关键词 WEB 服务环境 基于属性访问控制 策略执行点 策略决策点 动态授权 web service environment, ABAC, PEP, PDP, dynamic authorization
  • 相关文献

参考文献12

二级参考文献53

  • 1沈海波,洪帆.面向Web服务的基于属性的访问控制研究[J].计算机科学,2006,33(4):92-96. 被引量:12
  • 2钟勇,秦小麟,郑吉平,林冬梅.一种灵活的使用控制授权语言框架研究[J].计算机学报,2006,29(8):1408-1418. 被引量:15
  • 3R S Sandhu, E J Coyne. Role-Based Access Control Models [J]. Computer, 1996, 29(2):38-47.
  • 4Ravi S Sandhu, Venkata Bhamidipati, Qamar Munawer. The ARBAC97 Model for Role-Based Administration of Roles [J]. ACM Trans on Information and System Security, 1999,2(1):105-135.
  • 5Joon S Park, Ravi Sandhu, Gail-Joon Ahn. Role-Based Access Control on the Web [J]. ACM Trans on Information and System Security, 2001,4(1):37-71.
  • 6J S Park, R S Sandhu. Secure Cookies on the Web[J]. Internet Computing , 2000,4(4):36-44.
  • 7WONOHOESODO R, TARI Z. Role-based access control system for web services[A]. Proceedings of the 2004 IEEE International Conference on Services Computing (SCC334)[C]. Shanghai, China, 2004.49-56.
  • 8XU F, LIN G, HUANG H, et al. Role-based access control system for web services[ A]. Proceedings of the Fourth International Conference on Computer and Technology (CIT'04) [ C]. Wuhan, China,2004.375 -362.
  • 9WOLF R, KEINZ T, SCHNEIDER M. A model for context-dependent access control for web-based services with role-based approach[ A]. Proceedings of the 14th International Workshop on Database and Expert System Applications(DEXA'03) [ C]. Prague, Czech Republic, 2003. 209 -214.
  • 10BHATTI R, BERTINO E, GHAFOOR A. A trust-based context-aware access control model for web services[ A]. Proceedings of the IEEE international Conference on Web Services (ICWS'04) [ C].San Diego, California, USA, 2004. 184 - 191.

共引文献302

同被引文献12

引证文献1

二级引证文献2

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部