期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于角色和属性的Web Services安全模型研究 被引量:2

Research of Role-and-Attribute Based Security Model of the Web Services
下载PDF
导出
摘要 由于基于属性的访问控制所具有的较高灵活性和细粒度的特点,提出了基于角色和属性的Web Services访问控制模型。该模型将属性访问控制引入角色访问控制中,将角色从属性中独立出来与属性同等地作为授权决策的依据,在授权时先考虑用户的角色,只有当用户的角色达到系统的要求时才考虑属性的因素是否满足访问控制的要求,这样便实现了双重访问控制。此模型通过对角色和属性进行访问控制,能够表现出更高的安全性和更细的访问控制粒度。 Since the property of higher flexibility and fine granularity, attribute-based access control was introduced into role-based access control,and a Role-and-Attribute Based Access Control model was proposed. In this model role was independent from the properties and be a basis for decision-making authority with attributes with the equal status in the authorization. When authorized, the system will consider the user's role as a priority, only when the user's role meets the requirements then reconsider the attribute factors which achieved dual access control. This model has a higher security and fine-grained access control with the role and attributes.
作者 孙翠翠 张永胜
机构地区 山东师范大学信息科学与工程学院
出处 《微计算机信息》 2011年第2期148-150,共3页 Control & Automation
基金 山东省自然科学基金(Y2008G22)
关键词 WEB SERVICES 访问控制 角色访问控制 基于属性的访问控制 Web Services access control role-based access control attribute-based access control
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献8

  • 1Thomas Ziebermayr, Stefan Probst. Web Service Authorization Framework [C]. Proceedings of the IEEE International Conference on Web Services. IEEE Computer Society?Washington,DC,USA. 2004:614-621.
  • 2胡晓红,付永军,张志平.基于策略的Web服务安全解决方案研究[J].微计算机信息,2008,24(15):93-94. 被引量:7
  • 3Roosdiana Wonohoesodo,Zahir Tari. A role based accesscontrol for web services [C].IEEE International Conference on Services Computing. Shanghai:IEEE Computer Society Press,2004:49-56.
  • 4Xu Feng, Lin Guoyuan, Huang Hao,et al.Role-based Access Control System for Web Services[C]. Proceedings of the 4th International Conference on Computer and Information Technology, Wuhan, IEEE Computer Society Press, (CIT'04)2004:357-362.
  • 5Shen Hai-bo, Hong Fan. An Attribute-Based Access Control Model for Web Services [C]. Proceedings of the 7th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT'06). 2006:74-79.
  • 6Eric Yuan, Jin Tong. Attributed Based Access Control (ABAC) for Web Services [C]. Proceedings of the IEEE International Conference on Web Services.IEEE ComputerSociety?Washington,DC, USA.2005:561- 569.
  • 7傅鹤岗,李竞.基于属性的Web服务访问控制模型[J].计算机科学,2007,34(5):111-114. 被引量:11
  • 8李晓峰,冯登国,陈朝武,房子河.基于属性的访问控制模型[J].通信学报,2008,29(4):90-98. 被引量:80

二级参考文献26

  • 1古鹏,徐开勇,李立新.基于XKMS的安全Web服务组件的研究与设计[J].微计算机信息,2006,22(02X):22-24. 被引量:3
  • 2钟勇,秦小麟,郑吉平,林冬梅.一种灵活的使用控制授权语言框架研究[J].计算机学报,2006,29(8):1408-1418. 被引量:15
  • 3Wonohoesodo R,Tari Z.A role based access control for Web services.In:IEEE International Conference on Services Computing(SCC 2004),2004.49~56
  • 4Bertino E,Squicciarini A C,Mevi D.A fine-grained access control model for Web services.In:IEEE International Conference on Services Computing(SCC 2004),2004.33~40
  • 5Bhatti R,Bertino E,Ghafoor A.A trust-based context-aware access control model for Web-services.In:IEEE International Conference on Web Services(ICWS'04) Proceedings,2004.184~191
  • 6The Security Assertions Markup Language (SAML) OASIS TC Homepage.http://www.oasisopen.org/committees/tc_home.php? wg-abbrev=security
  • 7The XML Access Control Markup Language (XACML) OASIS TC Homepage,httpt//www.oasisopen.org/committees/tchome.php? wg-abbrev=xacml
  • 8Web Services Security (WSS) OASIS TC Homepage.http://www.oasisopen.org/committees/tc-home.php? wg-abbrev= WSS
  • 9Axis Architecture Guide.http://ws.apache.org/axis/java/architecture-guide.html
  • 10Galbraith B,Hankison W,et al.Web服务安全性高级编程.北京:清华大学出版,2003

共引文献94

同被引文献10

引证文献2

二级引证文献17

微计算机信息
2011年 第2期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部