期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种基于域内的访问控制策略提炼模型及其实现 被引量:1

A Model Based on Domain for Access Control Policy Refinement and Its Implementation
下载PDF
导出
摘要 以CERNET的管理为应用背景,从分析策略管理系统的关键技术和难点问题入手,提出了一种新的策略提炼模型。其原理是利用ACL的特性,将不同策略语言表示的策略映射到ACL,再分发给不同的网络设备运行。该方案简化了传统策略提炼过程中复杂的转换逻辑问题,使基于域内的安全和访问控制管理完全实现自动化。 A new model for policy refinement is presented at the application background of CERNET. Using the properties of access control list (ACL) in this model, the policies described in different specification languages are mapped into access control lists, which are distributed to different network devices to enforce. Thus, the complex transformation logic in traditional policy refinement fashion is simplified, especially, security and access control configuration management can be automated
作者 曾旷怡 张金祥 杨家海
机构地区 清华大学信息网络工程研究中心
出处 《计算机工程》 CAS CSCD 北大核心 2006年第11期136-137,140,共3页 Computer Engineering
基金 国家自然科学基金资助项目(60473083)
关键词 网络管理 策略提炼 访问控制列表 ACL Policy based network management Policy refinement Access control list(ACL)
分类号 TP393 [自动化与计算机技术—计算机应用技术] TP312 [自动化与计算机技术—计算机软件与理论]
  • 相关文献

参考文献8

  • 1Moffett J, Sloman M. Policy Hierarchies for Distributed Systems Management[J]. IEEE Journal on Selected Areas in Communications,1993,11(9): 1404.
  • 2Lupu E. A Role-based Framework for Distributed Network Management[D]. London, UK: Imperial College, 1998: 111-114.
  • 3Lupu E, Sloman M. Conflicts in Policy Based Distributed Systems Management[J]. IEEE Transactions on Software Engineering, 1999,25(6): 852-869.
  • 4Damianou N, Bandara K A, Sloman M, et al, A Survey of Policy Specification Approaches[D]. London, UK: Imperial College,2002-04: 28-32.
  • 5Mont M, Baldwin A, Goh C. Power Prototype: Towards Integrated Policy Based Management[C]. IEEE/IFIP Network Operations and Management Symposium, Honolulu, USA, 2000.
  • 6Verma D. Simplifying Network Adminisration Using Policy Based Management[J]. IEEE Network, 2002, 16(2): 20-26.
  • 7Bandara A, Lupu E, Russo A. Using Event Calculus to Formalize Policy Specification and Analysis[C]. Proceedings of the 4^th IEEE Workshop on Policies for Distributed Systems and Networks, Lake Como, Italy, 2003-06.
  • 8Zhou Wei. Implement Role Based Access Control with Attribute Certificates[C]. Proceedings of the 6^th International Conference on Advanced Communication Technology, Korea, 2004-02: 536-541.

同被引文献7

  • 1Solsoft Policy Server Better Management for Network Security. A Solsoft White Paper[EB/OL]. (2003-12-08). http://www.antpower. org/AntFolder_ Security_Policy_Management.
  • 2NetScreen Technologies Inc.. Administrator's Guide NetScreenSecurity Manager[EB/OL]. (2004-07-06). http://www.juniper.net/ software/security-manager.
  • 32heck Point Software Technologies Ltd. Check Point Smart Center Guide[EB/OL]. (2002-05-15). http://support.checkpoint.com/kb.
  • 4Beigi M S. Policy Transformation Techniques in Policy-based Systems Management[C]//Proc. of IEEE International Workshop on Policies for Distributed Systems and Network. Yorktown: [s. n.]. 2004.
  • 5Mont M, Baldwin A. Power Prototype: Towards Integrated Policy Based Management[C]//Proc. of IEEE/IFIP Network Operations and Management Symposium. Honolulu: [s. n.]. 2000.
  • 6Niemann T.Lex和Yacc简明教程[EB/OL].(2006-10-29).http://www.epaperpress.com.
  • 7Andreasson O.Iptables指南1.1.19[EB/OL].(2006-11-07).http://www.man.ChinaUnix.net.

引证文献1

计算机工程
2006年 第11期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部