期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于网格的安全信息访问控制研究

Research on access control of security information based on grid
下载PDF
导出
摘要 现有的网格安全体系GSI主要是通过公钥体系及建立在其上的分布式信任模型来建立与维护虚拟组织内部的安全策略空间。然而,GSI中对可移动进程的支持并不理想。基于此,研究了如何维持在策略空间穿越中的安全信息的完整性与有效性,提出了基于安全信息的动态访问控制算法。通过资源提供者自行设置的算法计算出对操作的许可程度,增强了移动进程的灵活性和网络安全设施的可用性以及支持力度。 Current grid security infrastructure establishes the security policy space inside a VO mainly on basis of the public key infrastructure and distributed trust model. However, GSI lacks in supporting the mobility of those mobile processes that are traveling in grid environment. How to maintain integrity and validity of security information is studied through policy spgce and a dynamic access control algorithm based on security information is presented. Though calculating extent of operation license with algorithms by resource providers, flexibility of mobile processes and availability of network security facilities are enhanced.
作者 李海燕 王艳萍
机构地区 河南郑州铁路职业技术学院
出处 《计算机工程与设计》 CSCD 北大核心 2009年第2期327-329,445,共4页 Computer Engineering and Design
关键词 网格 策略空间 阈值 信任 访问控制 grid policy space threshold trust access control
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献7

  • 1刘怡文,李伟琴,韦卫.信息网格安全体系结构的研究[J].北京航空航天大学学报,2003,29(7):631-635. 被引量:23
  • 2张纲,李晓林,游赣梅,徐志伟.基于角色的信息网格访问控制的研究[J].计算机研究与发展,2002,39(8):952-957. 被引量:43
  • 3Li N,GrosofB,Feigenbaum J.Delegation logic:A logic-based approach to distributed authorization[J].ACM Transaction on Information and System Security(TIS SEC),2003,6(1 ): 128-171.
  • 4Thompson M,Essiari A,Mudumbai S.Certificate-based authorization policy in a PKI environment[J].ACM Transactions on Information and System Security(TISSEC),2003,6(4):566-588.
  • 5Zhang G,Parashar M.Dynamic context-aware access control for grid applications[C].4th International Workshop on Grid Computing,2003.
  • 6Welch V, Foster I,Kesselman C,et al. X.509 proxy certificates for dynamic delegation[C].3rd Annual PKI R&D Workshop, 2004.
  • 7Welch V, Siebenlist F, Foster I,et al.Security for grid services[C]. Twelfth Intemational Symposium on High Performance Distributed Computing(HPDC- 12),2003.

二级参考文献7

  • 1Foster I, Kesselman C. Globus project [ EB/OL]. http ://www. globus. org. 2001.
  • 2Tuecke S. Grid security infrastructure(GSI) roadmap[EB/OL], http://www. gridforum, org/security/ggfl-2001-03/drafts/ draft-gridforum-gsi-roadmap-02, txt. 2001.
  • 3Foster I, Kesselman C, Tsudik G, et al. A security architecture for computational grids[A]. In: Reiter M, ed. Proceedings of the 5^th ACM conference on computer and communications security[J]. New York: ACM Press, 1998.83 ~ 91.
  • 4Jackson K, Tuecke S, Engert D. TLS delegation protocol [ EB/OL].http: //www. gridforum, org/security/ggf1-2001-03/drafts/draft- ggf-tlsdelegation-09, txt, 2001.
  • 5Tuecke S, Engert D, Foster I. Internet X .509 public key infrastructure proxy certificate profile [ EB/OL]. http://caops. es. net/documents/certprofile, doc, 200.1.
  • 6Wong C, Gouda M, Lain S. Secure group communications using key graphs[ EB/OL]. hup://www.acm. org/sigcomm/sigcomm98/ rp/paper06, pdf, 1998.
  • 7徐志伟,李晓林,游赣梅.织女星信息网格的体系结构研究[J].计算机研究与发展,2002,39(8):948-951. 被引量:64

共引文献63

计算机工程与设计
2009年 第2期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部