摘要
目前,Web服务安全供求策略的表示与匹配是句法层次的,通过比较策略在结构和词法上的相似性来确定其兼容性,容易导致错误的匹配结果。为此,提出了基于语义思想来表示和匹配Web服务安全供求策略的方法。通过构造一个一般性的安全本体,提出了Web服务语义安全供求策略的定义方法和匹配算法,将策略的匹配问题转化成语义概念的包含推理问题。理论分析和实验结果表明,本文提出的方法能使策略内容包含必要的语义信息,可有效提高匹配结果的准确性,克服句法级方法存在的不足,同时也能在一定程度上简化策略的定义与管理,从而为Web服务环境下的安全供求策略表示与匹配问题提供了一个更为有效的解决方案。
A novel approach based on semantics was proposed to express and match the security supply-and-demand policy of web service.Through constructing a general security ontology,the definition method and matching algorithm of semantic security supply-and-demand policy for web service were presented,and the matching problem of policy was translated into the subsumption reasoning problem of semantic concept.Both the theoretical analysis and experimental evaluation showed that the proposed approach can present the necessary semantic information in the representation of policy and effectively improve the accuracy of matching result,thus overcomes the deficiency of the syntactic approaches.This approach can also simplify the definition and administration of the policy at the same time,which thereby provides a more effective solution for the expression and matching problem of security policy in web service environment.
出处
《四川大学学报(工程科学版)》
EI
CAS
CSCD
北大核心
2011年第1期116-122,共7页
Journal of Sichuan University (Engineering Science Edition)
基金
国家重点基础研究发展计划资助项目(2007CB310804)
江苏省自然科学基金资助项目(BK2010132)
