期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于ABAC的Web Services访问控制研究 被引量:2

STUDY ON ACCESS CONTROL FOR WEB SERVICES BASED ON ABAC
下载PDF
导出
摘要 为解决Web Services访问控制问题,分析了传统访问控制模型在Web Services应用中的不足,给出了面向Web Services的基于属性的访问控制模型ABAC(Attribute Based Access Control)的定义,设计了ABAC访问控制架构,并利用可扩展的访问控制标记语言XACMLe(Xtensible Access Control Markup Language)实现了细粒度的Web Services访问控制系统。系统的应用有效保护了Web Services资源。 To deal with access control for web services,the problem of application of traditional access control model in web services is analysed,then the definition of web services-oriented attribute-based access control(ABAC) model is presented,and the architecture of ABAC is designed.Furthermore,the fine-grained access control system for web services is implemented with XACML,the application of the system has effectively protected the resources of web services.
作者 夏春涛 杨艳丽 曹利峰
机构地区 解放军信息工程大学电子技术学院 郑州轻工业学院技术物理系
出处 《计算机应用与软件》 CSCD 北大核心 2012年第2期83-85,104,共4页 Computer Applications and Software
基金 国家高技术研究发展计划项目(2009AA01Z438)
关键词 ABAC WEB SERVICES 访问控制 XACML ABAC Web services Access control XACML
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献8

  • 1沈海波,洪帆.访问控制模型研究综述[J].计算机应用研究,2005,22(6):9-11. 被引量:87
  • 2David F Ferraio]o,Ravi Sandhu,Serban Gavrila, et al. Proposed NIST Standard for Role-Based Access Control[J]. ACM Transactions on In- formation and System Security,2001,4 ( 3 ) :224 - 274.
  • 3Yuan E, Tong Jing. Attribute Based Access control ( ABAC ) for Web Services [ C ]//Proe. of the IEEE International Conference on Web Services. Piseataway,USA:IEEE Computer Society,2005:561 -569.
  • 4沈海波,洪帆.面向Web服务的基于属性的访问控制研究[J].计算机科学,2006,33(4):92-96. 被引量:12
  • 5陈凯,郎波.面向分层式资源的基于属性的访问控制方法[J].计算机工程,2010,36(7):132-135. 被引量:4
  • 6OASIS Standard. eXtensible Access Control Markup Language (XAC- ML) Version 2.0 [ EB/OL]. 2008. http ://docs. oasis-open, org/xac- ml/2.0/access_contml-xacml-2.0-core-spec-os, pelf.
  • 7W3C Note. Simple Object Access Protocol (SOAP) 1.1[EB/OL]. 20(30- 05. http://www, w3. org/TR/2000/NOTE-SOAP20000508/. 08.
  • 8Benjamin Mitchell. Web Services Enhancements (WSE) Technical Arti- cles:Why WSE[EB/OL]. 2005 -02. http://msdn2, microsoft, com/en- us/library/ms996935, aspx.

二级参考文献29

  • 1许峰,林果园,黄皓.Web Services的访问控制研究综述[J].计算机科学,2005,32(2):1-4. 被引量:15
  • 2Yuan E, Tong Jing. Attribute Based Access Control(ABAC) for Web Services[C]//Proc. of the IEEE International Conference on Web Services. Piscataway, USA: IEEE Computer Society, 2005: 561-569.
  • 3Perlman R. An Overview of PKI Trust Models[J]. IEEE Network, 1999, 13(6): 38-43.
  • 4Lang Bo, Foster I, Siebenlist F, et al. Attribute Based Access Control for Grid Computing[EB/OL]. (2006-04-25). ftp://inlb.mcs.anl.gov/ pub/tech reports/reports/P 1367.pdf.
  • 5Park J S, Sandhu R. Smart Certificates: Extending X.509 for Secure Attribute Service on the Web[C]//Proc. of National Information Systems Security Conference. Arlington, USA: [s. n.], 1999: 340-346.
  • 6OASIS. eXtensible Access Control Markup Language(XACML) Version 2.0[EB/OL]. (2005-02-01). docs.oasis-open.org/xacml/2.0/ access_control-xacml-2.0-core-spec-os.pdf.
  • 7L Snyder. Formal Models of Capability-based Protection Systems[ J].IEEE Transactions on Computers, 1981,30(3 ) :172-181.
  • 8R Sandhu, E Coyne, H Feinstein. Role-based Access Control Models[ J]. IEEE Computer, 1996,29 (6) :38-47.
  • 9D Ferraiolo, R Sandhu,et al. Proposed NIST Standard for Role-based Access Control [ J ]. ACM Transactions on Information and System Security(TISSEC) ,2001,4(3) :224-274.
  • 10R Thomas, R Sandhu. Task-Based Authorization Controls(TBAC) : A Family of Models for Active and Enterprise-Oriented Authorization Management[ C]. Lake Tahoe, CA: Proceedings of the 11th IFIP WG11.3 Conference on Database Security, 1997.

共引文献100

同被引文献24

引证文献2

二级引证文献8

计算机应用与软件
2012年 第2期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部