摘要
现有的网格安全体系GSI主要是通过公钥体系及建立在其上的分布式信任模型来建立与维护虚拟组织内部的安全策略空间。然而,GSI中对可移动进程的支持并不理想。基于此,研究了如何维持在策略空间穿越中的安全信息的完整性与有效性,提出了基于安全信息的动态访问控制算法。通过资源提供者自行设置的算法计算出对操作的许可程度,增强了移动进程的灵活性和网络安全设施的可用性以及支持力度。
Current grid security infrastructure establishes the security policy space inside a VO mainly on basis of the public key infrastructure and distributed trust model. However, GSI lacks in supporting the mobility of those mobile processes that are traveling in grid environment. How to maintain integrity and validity of security information is studied through policy spgce and a dynamic access control algorithm based on security information is presented. Though calculating extent of operation license with algorithms by resource providers, flexibility of mobile processes and availability of network security facilities are enhanced.
出处
《计算机工程与设计》
CSCD
北大核心
2009年第2期327-329,445,共4页
Computer Engineering and Design
关键词
网格
策略空间
阈值
信任
访问控制
grid
policy space
threshold
trust
access control