摘要
可扩展访问控制标记语言XACML得到了广泛应用。为提高XACML策略的评估效率,提出一种基于韦恩图法的XACML策略优化算法。将XACML策略规则的组成结构用集合论中的韦恩图表示,在设定合并算法优先级的基础上,借助集合间的交并关系,检测和消除策略规则间的冲突与冗余,提高策略评估效率。实验测试表明,该算法在各主流引擎下将请求评估时间平均缩短10%~20%,同时能减少占用的存储空间,达到策略优化的目的。
Extensible access control markup language XACML is widely used.To improve the efficiency of XACML policy evaluation,an XACML policy optimization algorithm based on Venn graphic method was proposed.The XACML policy and rule structure are expressed as the Venn diagrams in the set theory.On the basis of setting the combination algorithm priorities,the conflicts and redundancies among the policies and rules are detected and eliminated according to the intersection and union relations between the sets.The experimental tests show that the algorithm reduces the evaluation time by10%to20%for the mainstream engines and decreases the occupied memory space at the same time,which hence achieves the purpose of the policy optimization.
作者
卢秋如
陈建平
马海英
陈韦旭
LU Qiu-ru;CHEN Jian-ping;MA Hai-ying;CHEN Wei-xu(School of Computer Science and Technology, Nantong University,Nantong226019,China)
出处
《计算机科学》
CSCD
北大核心
2017年第12期110-113,125,共5页
Computer Science
基金
国家自然科学基金项目(61402244)
南通市应用基础研究项目(GY2015012)
南通大学自然科学基金项目(15z06)资助
