期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于PMI的OA安全模型设计与实现 被引量:1

Design and realization of OA security model based on PMI
下载PDF
导出
摘要 鉴于OA系统中的非授权用户非法操作和合法用户的越权操作,以及PKI的公钥证书(PKC)只能提供身份验证,无法实现权限管理等问题,提出了一种基于PMI(权限管理基础设施)权限管理的OA安全模型。该模型使用PKI的公钥证书和PMI的属性证书进行身份验证和权限管理,防止了非法和越权操作,授权更具公正性和权威性。实践结果表明,该安全模型可以解决OA系统中用户的非授权访问、不可否认性和数据文件的保密性、完整性等安全性问题。 In view of illegal operation of non-authorized users and the operation of ultra vires from the legitimate user in the OA system, as well as the public key certificate of the PKI can only provide authentication, but rights management can not be achieved and so on.A rights management security model is provided based on PMI for the OA system.The model uses public key certificate of PKI and attribute certificate of PMI for the authentication and rights management.It is effective to prevent illegal and ultra vires operation, and make authorization more impartial and authoritative.Practice shows that this security model can solve some security problems like non-authorized users access, non-repudiation, privacy and integrity of the data documents and so on in the OA system.
作者 马国彬 蒋朝惠
机构地区 贵州大学计算机科学与信息学院
出处 《计算机工程与设计》 CSCD 北大核心 2010年第6期1216-1218,共3页 Computer Engineering and Design
基金 贵州省高层次人才科研条件特助基金项目(TZJF-2007(26))
关键词 OA系统 权限管理基础设施 权限管理 属性证书 安全模型 OA system privilege management infrastructure rights management attribute certificate security model
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献6

二级参考文献26

  • 1黄珉伟.特权管理基础设施的实现模型[J].福建电脑,2004,20(7):19-20. 被引量:1
  • 2[1]ITU-T Recommendation X.509.Information Technology-Open System Interconnection- The Directory:Public Key and Attribute Certificate Framework.2000
  • 3[2]Oppliger R,Permul G,Strauss C.Using Attribute Certificates to Imple-ment Role-based Authorization and Access Controls.http:∥www.entrust, com
  • 4[3]Entrust XML Strategy for Authorization. http:∥www.entrust.com
  • 5[4]ISO 1018 1-3.1nformation Technology - Open Systems Interconnection Security frameworks for Open System:Access Control Framework.
  • 6[5]Boeyen S.X.509 (2000):4th Edition:Overview of PKI & PMI Frame-works.http:∥www.entrust.com
  • 7[1]David Martin,Mark Rouncefield,Ian Sommerville.Applying Patterns of Cooperative Interaction to Work (Re)Design:E-government and Planning[C].Proceedings of the SIGCHI Conference on Human Factors in Computing Systems,2002.
  • 8[2]Jaijit Bhattacharya.Middleware and Technoloty Standards for E-governance[EB/OL].http://www.cse.iitd.ernet.in.
  • 9[3]Sharon A Wheeler.Thin-Client/Server Architectures[EB/OL].http://www.espipd.com,2000-11-28.
  • 10[4]Sakib Abdul Mondal,Kingshuk Das Gupta.Choosing a Middleware for Web-integration of a Legacy Application[C].ACM SIGSOFT Software Engineering Notes,2000.

共引文献24

同被引文献5

  • 1田路,陆国栋.电子政务OA系统的设计与实现[J].计算机工程与设计,2005,26(4):1056-1058. 被引量:9
  • 2惠丽峰,王萍.企业办公自动化(OA)系统的安全策略[J].内蒙古石油化工,2006,32(4):33-34. 被引量:8
  • 3刘梅娟.办公自动化系统的安全性研究及应用.计算机科学,2007,:30-37.
  • 4O.Goldreich,S.Micali,and A.Wigderson.”Proofs that YieldNothing but their Validity”.Journal of the ACM,Volume38(3),pages 690-728,1991.
  • 5A.Fiat and A.Shamir.”How to ProveYourself:Practical Solu-tions to Identification and Signature Problems”In Advances in Cryp-tology-Cryoto,Volume 263 of Lecture Notes in Computer Science,pages186-194,1987.

引证文献1

二级引证文献2

计算机工程与设计
2010年 第6期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部