摘要
Web服务的分布式与异构性,使得对服务请求者的身份认证和授权复杂化。针对这些问题提出了一个基于SAML、XACML、RBAC等关键技术的身份认证与访问控制模型。该模型采用SAML辅件技术实现Web服务的单点登录;用XACML实现RBAC模型,简化授权管理,同时达到对资源的细粒度访问控制的目标;用扩展的SAML语法保证XACML信息的安全有效传输。
The distributed and heterogeneous characteristics of Web services make the identity authentication and authorization of service requester complicated. For these problems, an identity authentication and' access control model based on SAML, XACML, and RBAC key technologies is presented. The model adopts SAML artifact technology to realize single sign-on of Web services, uses XACML to implement RBAC model, simplifies the authorization management and achieves the target of fine-grained access control for resources, and ensures safe and effective XACML information transmission by extensible SAML syntax.
出处
《计算机时代》
2009年第10期21-23,共3页
Computer Era