摘要
针对网格环境下动态授权需求,提出一种支持动态授权的网格授权机制。在对授权策略进行分类并形式化描述的基础上,定义了支持静、动态授权的授权规则。该规则支持组件级、功能级和参数级3种粒度的授权,可满足不同粒度授权的需求并提供协商授权功能。设计了基于静、动态授权规则和授权转换规则的策略匹配算法,并结合该算法给出了可支持静、动态授权的应用实例,应用结果表明了授权机制的可行性和有效性。
To satisfy the need of dynamic authorization in service-oriented gird environment,a dynamic authorization-supported mecha-nism for gird is proposed.Based on the classification and formal description of authorization policy,the rules which support static and dynamic authorization are presented,providing component level,function level and parameter level authorization to satisfy the need of multi-granularity authorization and supporting negotiation-based authorization.A policy-matching algorithm is designed based on the static and dynamic authorization rules.Based on the algorithm,an instance is given to support static and dynamic authorization,and then the feasibility and validity of the authorization mechanism is proven.
出处
《计算机工程与设计》
CSCD
北大核心
2011年第9期2913-2916,共4页
Computer Engineering and Design
基金
国家863高技术研究发展计划基金项目(2006AA01Z457)
关键词
网格服务
动态授权
细粒度授权
协商授权
策略匹配
grid service
dynamic authorization
fine-grained authorization
negotiation-based authorization
policy matching
