摘要
详细介绍了Web服务授权和访问控制机制中一个重要规范:可扩展访问控制标记语言(XACML),给出了基于XACML的访问控制模型的执行流程,使用SUN公司提供的XACML工具包实现了一个具体应用。最后得出此模型更加灵活、安全的结论,特别适用于异构的Web服务环境,并对XACML的发展作了展望。
This paper has introduced a important norms in web service authorization and access control mechanism: eXtensible Access ControlMarkup Language(XACML), Access control model based on XACML outlines in chronological sequence, To illustrate XACML, we show a sample application by Sun Microsystems has created an implementation of XACML. In the end, the model is more flexible,which is especially suitable for the heteromerous environment for Web services. And has made the forecast to the XACML development.
出处
《计算机安全》
2009年第5期64-66,共3页
Network & Computer Security
