摘要
针对多值属性分量的XACML策略和策略请求之间的匹配需求,分析多值属性策略匹配中策略规则与请求匹配时两者的对应属性关系,依据属性之间的包含关系和权限蕴含关系,给出3个关于策略匹配的定理并加以证明。根据策略匹配的定理,提出多值属性匹配算法。最后进行实验验证,结果表明该算法能够提高多值属性分量策略的匹配效率。
Aiming at the demand of matching between the XACML policy and request based on the multi-valued attribute,this paper analyzed the corresponding attribute relationships between policy rule and the request.Three related theorems were proposed and proved based on the relationship between attributes implication and permissions implication.According to the three policy matching theorems,a matching algorithm was put forward.Finally,several experiments show that the algorithm enhances the matching efficiency.
出处
《计算机科学》
CSCD
北大核心
2014年第6期104-107,共4页
Computer Science
基金
国家863计划(2006AA01Z457)资助
关键词
XACML
策略
多值属性
匹配定理
匹配算法
XACML
Policy
Multi-valued attribute
Matching theorem
Matching algorithm