摘要
在遵循OMG的安全服务规范的基础上,提出了CORBA安全服务的实现模型———SECORBUS。模型以SSL,Kerberos等安全技术为基础,支持分布式环境下的登录认证、安全连接的建立和安全调用的实现,以及以对象为保护粒度的访问控制功能。SECORBUS系统采用Security-Ready模式实现,使得在达到ORB轻量化目的的同时,又允许系统外挂以其他安全技术实现的安全服务模块。模型还提出了访问控制策略的规模控制模型及安全连接的建立模型,有效地提高了系统的整体性能。
According to CORBA security service specification, this paper proposes the implementation model of CORBA security service: SECORBUS. Based on the SSL and Kerberos technologies, it supports security functions in CORBA environment, such as authentication, security invocation and access control. The SECORBUS system uses the security - ready style to implement the security service module, and consequently, it lowers the burden of ORB core. At the same time, increases the replaceability and extensibility of the system greatly. Furthermore, the control model of the access control policy scale and the establishment model of security association are also proposed to improve the system's overall performance effectively.
出处
《微机发展》
2005年第11期17-20,共4页
Microcomputer Development
基金
国家"八六三"项目(2003AA413320)
