Research Development on Secure Interoperation in Multi-domain Environment (cited by: 4)

Abstract: Multi-domain secure interoperation is the process of achieving secure resource sharing and information exchange among multiple distributed, heterogeneous, autonomous domains by means of authentication, access control, and audit mechanisms. The paper systematically introduces the theoretical foundations and current applications of this new research area. From the perspective of resolving access control security and inter-domain policy conflicts, it analyzes and comments on research results and key techniques in several directions, including inter-domain role mapping, trust management, Public Key Infrastructure (PKI), and time-constraint-based approaches (temporal role-based access control). It focuses on the modeling and implementation of policy-integration algorithms among the autonomous domains of a multi-domain environment. Finally, in view of the problems in current research, it gives an outlook on the future directions and trends of the field.
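Source: Computer Science (《计算机科学》), CSCD, Peking University Core Journal, 2009, No. 2, pp. 47-54 (8 pages)
Funding: Supported by the National Natural Science Foundation of China (60403027, 60773191), the National High Technology Research and Development Program of China (863 Program) (2007AA01Z403), and the China Postdoctoral Science Foundation (20070410282)
Keywords: Secure interoperation, Multi-domain, RBAC, Access control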