期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

面向Web服务的交互访问控制 被引量:1

Web Services Oriented Interactive Access Control
下载PDF
导出
摘要 针对传统访问控制策略的不足,提出面向Web服务的交互式访问控制策略模式,为适应Web服务间的信息交互访问安全,设计一种基于SAML认证授权框架以实现协同用户与服务商之间交互访问的匹配机制。以Web服务的访问控制过程为例,分析Web服务的交互式访问控制协议的实现过程,结果证明,该协议能为Web服务提供更细粒度的访问控制。 Aiming at the deficiency of traditional eXtensible Access Control Markup Language(XACML), this paper proposes the structure of Web services oriented interactive access control protocol and its implementation, in order to ensure the security of information transmission, this paper presents a framework of SAML based certification authority to design the matching mechanism. It takes the process of authorization for Web services access as an example, analyzing the process of interactive Web service access control protocol, and proves result that it can provide better support to the safety of access control for collaborative applications such as collaborative business environment and mobile business environment platform.
作者 陈英勇 辛明军 吴绍春
机构地区 上海大学计算机工程与科学学院
出处 《计算机工程》 CAS CSCD 北大核心 2009年第14期166-167,170,共3页 Computer Engineering
基金 上海市教委重点学科基金资助项目(J50103) 上海市教委创新基金资助项目
关键词 WEB服务 可扩展访问控制标记语言 交互式访问控制 协议 Web services eXtensible Access Control Markup Language(XACML) interactive access control protocol
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献4

  • 1傅鹤岗,李竞.基于属性的Web服务访问控制模型[J].计算机科学,2007,34(5):111-114. 被引量:11
  • 2OASIS XACML Technical Committee.Web Services Profile of XACML(WS-XACML) Version 1.0,Working Draft 8[EB/OL].(2006-12-12).http://www.oasisopen.org/committees/download.php/ 21490/xacml-3.0-profile-webservices-spec-v1.0-wd-8-en.pdf.
  • 3Koshutanski H,Massacci F.Interactive Access Control for Web Services[C]//Proc.of the 19th IFIP Information Security Conference.Toulouse,France:[s.n.],2004:150-166.
  • 4OASIS XACML Technical Committee.SAML 2.0 Profile of XACML,Version 2,Working Draft 3[EB/OL].(2007-03-06).http://www.oasisopen.org/committees/download.php/22765/xacmlprofilesaml2.0-v2-wd-2.zip.

二级参考文献8

  • 1Wonohoesodo R,Tari Z.A role based access control for Web services.In:IEEE International Conference on Services Computing(SCC 2004),2004.49~56
  • 2Bertino E,Squicciarini A C,Mevi D.A fine-grained access control model for Web services.In:IEEE International Conference on Services Computing(SCC 2004),2004.33~40
  • 3Bhatti R,Bertino E,Ghafoor A.A trust-based context-aware access control model for Web-services.In:IEEE International Conference on Web Services(ICWS'04) Proceedings,2004.184~191
  • 4The Security Assertions Markup Language (SAML) OASIS TC Homepage.http://www.oasisopen.org/committees/tc_home.php? wg-abbrev=security
  • 5The XML Access Control Markup Language (XACML) OASIS TC Homepage,httpt//www.oasisopen.org/committees/tchome.php? wg-abbrev=xacml
  • 6Web Services Security (WSS) OASIS TC Homepage.http://www.oasisopen.org/committees/tc-home.php? wg-abbrev= WSS
  • 7Axis Architecture Guide.http://ws.apache.org/axis/java/architecture-guide.html
  • 8Galbraith B,Hankison W,et al.Web服务安全性高级编程.北京:清华大学出版,2003

共引文献10

同被引文献24

  • 1沈海波,洪帆.Web服务中结合XACML的基于属性的访问控制模型[J].计算机应用,2005,25(12):2765-2767. 被引量:8
  • 2沈海波,洪帆.基于WS-Federation的Web服务跨域单点登录认证分析[J].计算机应用研究,2006,23(2):116-118. 被引量:13
  • 3Feng He, Jia Jinle. Apply the technology of RBAC and WS:Security for secure web services environment in campus[ C]/ /ICMLC, 2006. 1.1.
  • 4Nassr, Nezar Steegmans. A parameterized RBAC ac- cess model for WS-BPEL orchestrated composite[C]// ICITST,2011. 1. 1.
  • 5Dunlu Peng, Chen Li. An Extended Username Token- Based Approach for Rest-Style Web Services Environ ment[C]//CCSIT, 2009.
  • 6Stephen Farrell. Irving Reid.. Security Assertion Markup Language (SAML) OASIS Standard, 5 No- vember 2002.
  • 7Jafary P, Lobov A, Lastra J L M. Enhancement of Security in the hierarchy model of control and automa- tion by applying single sign-on for google apps[C]// Proceedings of the 6^th ACM Workshop on Formal Methods in Security Engineering, 2008 : 1-10.
  • 8Rosenberg J, Schulzrinne H. SIP: Session Initiation Protocol. RFC 3261.
  • 9Godiks, Mosest. OASIS: eXtensible access control markup language(XACML) version 2. 02004, com- mittee draft 01[EB/OL].
  • 10王尚平,马宏亮,张亚玲,王晓峰.基于XACML的Web服务信任协商方案[J].计算机工程,2008,34(11):137-139. 被引量:2

引证文献1

计算机工程
2009年 第14期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部