摘要
在研究面向Web的访问控制框架基础上,对原有的轻量级目录进行改进,提出了一种面向客体的动态授权策略。在此基础上,对权限管理基础设施PMI(Privilege Management Infrastructure)中的多个PMI节点进行逻辑分级,设计了一个适用于卫星通信运控系统的监控系统访问控制框架——面向Web基于属性的访问控制框架,实现了对监控信息的细粒度访问控制。
Based on studying the framework of access control in web-oriented system,we designed an object-oriented dynamic authorization policy after improving previous Light-Directory(LD).Basing on the improved LD,and with logical classification of nodes in PMI,we designed an ABAC(attribute based access control)-based web-oriented access control framework which is suitable for Satellite Communication Operation Control System,and realized fine-grained access control on monitoring information.
出处
《计算机应用与软件》
CSCD
2010年第1期174-176,190,共4页
Computer Applications and Software
关键词
权限管理基础设施
可扩展访问控制标记语言
轻量级目录访问协议
Privilege Management Infrastructure(PMI) Extensible access control marking language Light directory access protocol
