摘要
随着计算机应用系统的日益庞大,用户身份认证、访问控制和权限管理成为应用系统安全关注的焦点。如何结合PKI、PMI技术为应用系统提供一种统一的身份认证、授权管理和访问控制是论文想要探讨的问题。文中介绍了一种基于PKI的PMI授权管理访问控制模型,并提出了基于属性证书实现访问控制的方法。
With the rapid development of computer application system, user identity authentication, access control and privilege management is becoming more and more important in application system. This paper focuses on how to combine PKI and PMI techniques and provide a kind of mechanism for identity authentication, and authorization management and access control. A kind of authorization model based on PKI/PMI is proposed in this paper, including the access control based on user attribute certification.
出处
《信息安全与通信保密》
2008年第8期89-93,96,共6页
Information Security and Communications Privacy
关键词
公钥基础设施
权限管理基础设施
属性权威机构
属性证书
Public Key Infrastructure
Privilege Management Infrastructure
Attribute authority
Attribute Certificate