摘要
基于网络应用中跨域访问存在的安全隐患及权限限制等问题,提出了逻辑安全域划分的概念,分析了传统的安全域划分、认证和授权模型的弊端,并在该安全域划分的基础上,从分布式认证和授权两个方面提出了切实可行的实现方案,为当前灵活多变的分布式应用,提供了灵活的部署框架。
On the basis of the problems of hidden danger and permission restriction in cross-domain acess in network application,the disadvantage of the traditional security domain the di- vision, authentication and authorization model was analysed, the concept of the logic security do main division was put forword , and on this basis the partical implementation scheme was pro posed according to the distributed authentication and authorization. It could provide flexible de ployment framework for current variable distributed application.
出处
《太原理工大学学报》
CAS
北大核心
2013年第4期526-530,共5页
Journal of Taiyuan University of Technology
基金
山西省国际合作项目(2010-31)
关键词
安全域
认证
代理证书链
跨域身份识别
隧道
委托授权
Security domain division
Authentication
The proxy certificate chain
The cross domain identity recognition
Tunnel
