摘要
业务流程访问控制机制是Web服务组合应用中的难点。针对现有BPEL4WS安全访问控制研究的不足,提出面向活动的BPEL4WS动态访问授权模型(ADABM)。通过解除组织模型和业务流程模型间的耦合关系,ADABM将BPEL4WS访问权限约束细化到活动一级,用户只在流程执行会话期的活动符合安全需求的情况下才拥有Web服务的访问授权,授权随着业务流程上下文动态授予和收回,授权流与业务流同步执行。文中最后还给出ADABM模型在Web服务安全组合应用中的实施框架。
Business process access control mechanism is a difficult problem in Web services composition application. Ac- cording to the current deficiency of research in BPEL4WS secure access control, an Activity-Oriented Dynamic Access Authorization Model for BPEL4WS(ADABM) was proposed. By dissolving the coupling relationship between the or- ganization model and business process model, ADABM refines the BPEL4WS access permission to activity level. The users can obtain the Web services access authorizations only when the corresponding activity meets the security require- ments in BPEL4WS execution session. The grants and revokes of the activity access authorization can be implemented along with the process context. At last, the paper also described the implementation architecture of ADABM in Web services secure composition.
出处
《计算机科学》
CSCD
北大核心
2014年第7期102-104,109,共4页
Computer Science
基金
华中师范大学中央高校基本科研业务费项目(CCNU13A05053)
教育部人文社科项目(11YJA880163)
湖北省教育规划课题(2011B039)
武汉市科技计划项目(2014060101010030)
国家"十二五"科技支撑计划课题(2012BAD35B02)资助
关键词
WEB服务组合
活动
BPEL4WS
访问授权
实现
Web services composition, Activity, BPEL4WS, Access authorization, Implementation