期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

网格计算中一种基于属性的访问控制方法 被引量:1

Attribute-based access control method in grid computing
下载PDF
导出
摘要 为了迎合目前网格计算对动态、细粒度授权的需求,针对网格资源分层式的组织结构特点,在现有的基于属性的访问控制(ABAC)模型的基础上,提出了一种针对网格资源的ABAC模型Grid_ABAC,并设计了基于XACML的Grid_ABAC实现框架,应用在GT4平台上。最后对GT4中的应用作了测试,测试结果表明授权结果与预期结果相同,且时间开销随着规模的增长并没有增长很多,在可接受范围内。证明Grid_ABAC模型在网格平台上具有一定的实用性。 In order to satisfy the grid' s need for dynamic and fine-grained authorization policy, this paper presented a model named Grid_ABAC for grid computing. This model based on the layed structure of grid resources and the current ABAC model. Also designed implementation architecture of Grid_ABAC with XACML and used it in GT4 platform. At last, made a test in Globus platform. The result shows that the authorization result is identical to the expected result and the time cost doesn' t increased apparently with the increase of test scope. Grid_ABAC model is valid in grid platform.
作者 倪文婷 郎波
机构地区 北京航空航天大学计算机学院软件开发环境国家重点实验室
出处 《计算机应用研究》 CSCD 北大核心 2010年第2期699-703,共5页 Application Research of Computers
基金 国家"863"计划资助项目(2006AA01Z441)
关键词 网格计算 Globus网格平台 基于属性的访问控制 可扩展访问控制标记语言 grid computing Globus platform attribute-based access control XACML
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献7

  • 1ISO/IEC 10181-3, Information technology: open system interconnection security frameworks for open system: access control framework [ S]. Geneva: ISO/IEC,1996.
  • 2YUAN E, TONG J. Attribute based access control (ABAC) for Web services[ C]//Proc of IEEE International Conference on Web Services. Piscataway : IEEE Computer Society, 2005:561 - 569.
  • 3OASIS: eXtensible access control markup language (XACML) version 2.0 [ EB/OL ]. (2003-08 ) [ 2008-10-05 ]. http ://www. oasisopen. org/committees,/xacml/ .
  • 4LANG Bo, IAN F, FRANK S, et al. Attribute based access control for grid computing [ EB/OL]. (2006). Ftp. mcs. anl. gov/pub/tech_ reports/reports/P1367, pdf.
  • 5LANG Bo, LU You, LI Wei-qin. A flexible access control mechanism supporting large scale distributed collaboration [ C ]//Proc of the 8th International Workshop on CSCW in Design. 2004.
  • 6GT4.0 : Security : authorization framework [ EB/OL ]. ( 2004- 06 ) [ 2007-12 - 20 ]. http ://www. globus, org/toolkit/docs/4.0/security/ authzframe/.
  • 7DEMCHENKO Y, GOMMANS L, LAAT C de. Using SAML and XACML for complex resource previsioning in grid based applications [ C ]//Proc of IEEE Workshop on Policies for Distributed Systems and Networks. 2007 : 183-187.

同被引文献6

  • 1BONATYI P, De CAPITANI Di VIMERCATI S SAMARATI P,et al. An algebra for composing access control policies[ J]. ACM Trans on Information and System Security, 2002,5 ( l ) : 1-35.
  • 2WIJESEKERA D, JAJODIA S. Apropositional policy algebras for access control[ J]. ACM Yrans on Information and System Security, 2003,6(2) :286-325.
  • 3BACKES M, DURMUTH M, STEINWANDT R. An "algebra for composing enterprise privacy policies [ C ]//Proc of the 9th European Symp on Research in Computer Security. Berlin: Springer-Verlag, 2004 : 33-52.
  • 4HU V C,FERRAIOLO D F,SCARFONE K. Access control policy combinations for the grid using the policy machine [ C ]//Proc of the 7th IEEE International Symp on Cluster Computing and the Grid. Washington : IEEE Computer Society,2007:225-232.
  • 5CHENG Xiang-ran, CHEN Xing-yuan, ZHANG Bin,et al. An algebra for composing access control policies in grid [ C ]//Proc of International Conference on Computational Intelligence and Security. 2009: 526-530.
  • 6林莉,怀进鹏,李先贤.基于属性的访问控制策略合成代数[J].软件学报,2009,20(2):403-414. 被引量:41

引证文献1

二级引证文献5

计算机应用研究
2010年 第2期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部