基于指纹识别技术的Web访问控制

在Internet/Intranet的应用中,其安全性面临着严重的挑战,用户在进入系统时,传统方法是通过口令验证其身份,这在某种程度上虽确保了计算机系统的安全,但同时存在着记忆烦琐、易丢失、易遗忘的弊端。因此,急需找到一种更安全的方法。为此提出了基于指纹认证与密钥体制相结合的Web访问控制。并分析了该控制方法的优缺点。

基于SDN的Web访问控制应用研究

在对SDN网络架构研究的基础之上,利用KVM虚拟主机、Open vSwitch虚拟交换机、OpenDayLight控制器搭建了SDN网络实验环境。在SDN网络环境下实现了基于OpenDayLight控制器北向接口的Web访问控制应用。通过此应用的开发,对SDN的网络核心思想及相关技术有了一定程度的掌握。

基于SPKI/SDSI证书的Web服务访问控制模型

文中概述了SPKI/SDSI,分析了Web服务的特点和对其访问的安全需求,提出了一种基于SPKI/SDSI证书的Web服务的访问控制模型,给出了保证其安全性的解决方法,并对SPKI/SDSI证书进行了扩展。

Trust-Compensation-Based Access Control Model for Web Services

For most current Web Service access control methods, Web Service providers create a series of access control roles based on specified attributes. Only by meeting all the roles can a subject obtain the access to necessary operations and resources. However, because of the dynamic and open traits of Web Services, it is difficult for Web Service providers to work out an access control policy with moderate intensity and to realize a satisfactory balance between protecting the security of resources and maintaining the service reachable rate. To provide a solution to the above problem, this paper proposed a trust compensation access control method based on the Attribute-Based Access Control model. Our main contributions include a formal description of the access control method, a method to calculate the attribute trust degree based on time decay, and the trust compensation value of the attribute trust degree, as well as a new Service Oriented Architecture （SOA） architecture and its procedures based on a detailed trust compensation access control method.