Research and design of uniform authentication and authorization of multiple business system

Cited by: 18
Abstract: To meet the requirements of single sign-on (SSO) and uniform authentication and authorization across multiple business systems, a role-based access control policy with user groups and resource groups is put forward, and a uniform authentication and authorization system is designed and implemented, using Acegi to build the security system and JASIG-CAS to provide the central authentication service. The system centrally manages the permission information of the users of multiple business systems, realizes single sign-on, and uses a caching mechanism to reduce the frequent database access during authentication and authorization, thereby significantly improving the performance of the system.

Source: Computer Engineering and Design (《计算机工程与设计》), CSCD, Peking University Core Journal, 2009, No. 8, pp. 1826-1828 (3 pages)

Funding: Electronic Information Industry Development Fund project of the Ministry of Information Industry (2005635)

Keywords: authentication; authorization; single sign-on; role-based access control; caching mechanism
