摘要
身份认证和权限管理是网络安全的两个核心内容。研发了一个基于公共密钥基础设施技术的权限管理基础设施系统。提出了一个基于属性证书和条件化的基于角色的访问控制、进行权限管理的权限管理基础设施访问控制模型,提供了属性证书的两种提交方式,即“推”模式和“拉”模式,并在此模型的基础上给出了该系统的实现,最后给出了该系统的一个应用实例。实践证明,该系统提供了一个较好的解决方案和实现,基本上能够满足大型应用(上百万用户)的用户需求。
Identity authentication and privilege management are critical to Web security. A Privilege Management Infrastructure(PMI)system based on Public Key Infrastructure(PKI)technology, JSJYY-PMI, was developed. A new PMI access control model based on attribute certificate and conditioned Role Based Access Control(RBAC)was put forward. Two submission fashions of attribute certificate were provided in the system, which were the 'PUSH' fashion and the 'PULL' fashion. Moreover, the realization and an application example of the system were provided in detail. With the application of the system, JSJYY-PMI provided a better resolution and implementation. It would satisfy large applications (millions of users).
出处
《计算机集成制造系统》
EI
CSCD
北大核心
2005年第6期881-884,共4页
Computer Integrated Manufacturing Systems
基金
国家自然科学基金资助项目(60273080)~~