Quorum system is a preferable model to construct distributed access control architecture, but not all quorum system can satisfy the requirements of distributed access control architecture. Aiming at the dependable pro...Quorum system is a preferable model to construct distributed access control architecture, but not all quorum system can satisfy the requirements of distributed access control architecture. Aiming at the dependable problem of authorization server in distributed system and combining the requirements of access control, a set of criterions to select and evaluate quorum system is presented. The scheme and algorithm of constructing an authorization server system based on Paths quorum system are designed, and the integrated sys- tem performance under some servers attacked is fully analyzed. Role-based access control on the Web implemented by this scheme is introduced. Analysis shows that with certain node failure probability, the scheme not only has high dependability but also can satisfy the special requirements of distributed access control such as real-time, parallelism, and consistency of security policy.展开更多
The performance of three wireless local-area network(WLAN) media access control(MAC) protocols is investigated and compared in the context of simulcast radioover-fiber-based distributed antenna systems(RoF-DASs) where...The performance of three wireless local-area network(WLAN) media access control(MAC) protocols is investigated and compared in the context of simulcast radioover-fiber-based distributed antenna systems(RoF-DASs) where multiple remote antenna units(RAUs) are connected to one access point(AP) with different-length fiber links.The three WLAN MAC protocols under investigation are distributed coordination function(DCF) in basic access mode,DCF in request/clear to send(RTS/CTS) exchange mode,and point coordination function(PCF).In the analysis,the inter-RAU hidden nodes problems and fiber-length difference effect are both taken into account.Results show that adaptive PCF mechanism has better throughput performances than the other two DCF modes,especially when the inserted fiber length is short.展开更多
The systematical structure of the role-based access control was analyzed,giving a full description of the definitions of user,user access,and the relation between post role and access. It puts forward a role-based acc...The systematical structure of the role-based access control was analyzed,giving a full description of the definitions of user,user access,and the relation between post role and access. It puts forward a role-based access control management which is relatively independent in the applied system. This management achieves the control on user's access by distribution and cancel of role-play,which is a better solution to the problems of the access control management for the applied system. Besides,a complete scheme for the realization of this access control was provided.展开更多
Based on a proposed Web service-based grid architecture, a service grid middleware system called CROWN is designed in this paper. As the two kernel points of the middleware, the overlay-based distributed grid resource...Based on a proposed Web service-based grid architecture, a service grid middleware system called CROWN is designed in this paper. As the two kernel points of the middleware, the overlay-based distributed grid resource management mechanism is proposed, and the policy-based distributed access control mechanism with the capability of automatic negotiation of the access control policy and trust management and negotiation is also discussed in this paper. Experience of CROWN testbed deployment and application development shows that the middleware can support the typical scenarios such as computing-intensive applications, data-intensive applications and mass information processing applications.展开更多
基金Supported by the National Natural Science Foundation of China (70771043, 60873225, 60773191)
文摘Quorum system is a preferable model to construct distributed access control architecture, but not all quorum system can satisfy the requirements of distributed access control architecture. Aiming at the dependable problem of authorization server in distributed system and combining the requirements of access control, a set of criterions to select and evaluate quorum system is presented. The scheme and algorithm of constructing an authorization server system based on Paths quorum system are designed, and the integrated sys- tem performance under some servers attacked is fully analyzed. Role-based access control on the Web implemented by this scheme is introduced. Analysis shows that with certain node failure probability, the scheme not only has high dependability but also can satisfy the special requirements of distributed access control such as real-time, parallelism, and consistency of security policy.
基金supported in part by National 973 Program(2012CB315705)NSFC Program(61302086,61271042,61107058, 61302016,and 61335002)+2 种基金Specialized Research Fund for the Doctoral Program of Higher Education(20130005120007)Program for New Century Excellent Talents in University(NCET-13-0682)Fundamental Research Funds for the Central Universities
文摘The performance of three wireless local-area network(WLAN) media access control(MAC) protocols is investigated and compared in the context of simulcast radioover-fiber-based distributed antenna systems(RoF-DASs) where multiple remote antenna units(RAUs) are connected to one access point(AP) with different-length fiber links.The three WLAN MAC protocols under investigation are distributed coordination function(DCF) in basic access mode,DCF in request/clear to send(RTS/CTS) exchange mode,and point coordination function(PCF).In the analysis,the inter-RAU hidden nodes problems and fiber-length difference effect are both taken into account.Results show that adaptive PCF mechanism has better throughput performances than the other two DCF modes,especially when the inserted fiber length is short.
文摘The systematical structure of the role-based access control was analyzed,giving a full description of the definitions of user,user access,and the relation between post role and access. It puts forward a role-based access control management which is relatively independent in the applied system. This management achieves the control on user's access by distribution and cancel of role-play,which is a better solution to the problems of the access control management for the applied system. Besides,a complete scheme for the realization of this access control was provided.
文摘Based on a proposed Web service-based grid architecture, a service grid middleware system called CROWN is designed in this paper. As the two kernel points of the middleware, the overlay-based distributed grid resource management mechanism is proposed, and the policy-based distributed access control mechanism with the capability of automatic negotiation of the access control policy and trust management and negotiation is also discussed in this paper. Experience of CROWN testbed deployment and application development shows that the middleware can support the typical scenarios such as computing-intensive applications, data-intensive applications and mass information processing applications.
