
Communication model design and implementation between PEP and PDP based on SAML
Abstract: To address the problem of transmitting authorization requests and responses between the entities of the XACML access control model, this paper proposes a flexible, scalable communication model between the policy enforcement point (PEP) and the policy decision point (PDP). Following the OASIS extension of the SAML specification, the model's SAML processing module packages XACML authorization requests and responses as SAML authorization requests and responses. The PEP-WS and PDP-WS modules, implemented on the Spring Web Service architecture, transmit these SAML authorization requests and responses. The model makes the transmission of XACML authorization requests and responses transparent, allows PEPs and PDPs with different implementations to be integrated, and enhances the flexibility and scalability of XACML access control model deployment.
Source: Computer Engineering and Applications (《计算机工程与应用》), CSCD, 2013, No. 16, pp. 107-112 (6 pages)
Funding: Key Science and Technology Research Project of Henan Province (No. 092101210504)
Keywords: eXtensible Access Control Markup Language (XACML); policy enforcement point; policy decision point