摘要
传统的访问控制由身份、授权决定,用户一旦取得一定的资格和权利,在范围内的活动就不再考察其行为的表现,直到另一次授权的改变。在网格环境中无论其身份如何,只要其行为是不安全的,就必须制止其不安全的操作。因此必须要加强对行为的监测、记录和控制。只有在现有身份认证的基础上,结合基于行为信任的行为认证与访问控制,不断地考察实体的行为并对其表现进行评价和记录,由其历史表现来决定对其的行为控制,才能真正做到网格环境下的安全交易。
Conventional access control is based on the identity and authorization. If the user has qualification to do something, his behavior is not warded in spite of what he will do until his qualification is canceled. But if the action is hazard, it has to be forbidden without regarding its identity. So, the inspecting, recording and controlling of action must be done. Besides conventional identity certification, certification and access control base on behavior creditability control the actions of entities by its action creditability. The action creditability is obtained by inspecting, scoring and recording the behaviors of entity. Only doing this, the grid security is realized.
出处
《计算机工程与设计》
CSCD
北大核心
2007年第6期1306-1308,共3页
Computer Engineering and Design
关键词
行为控制
网格安全
行为可信性
可信认证
访问控制
behavior control
grid security
behavior creditability
certification based on creditability
access control