一种基于XACML的混合云跨域资源访问控制方案

混合云计算环境下,服务资源组合灵活、迁移频繁,资源之间的访问授权不易建立与维护。采用传统的访问控制机制对跨域资源进行授权,存在性能瓶颈与共谋攻击等问题。在研究混合云架构的基础上,提出一种基于XACML属性协商机制的混合云跨域资源访问控制方案。采用XACML架构作为跨域资源间授权访问模型,为细粒度的资源授权访问提供支持。在该模型基础上,通过属性协商策略推理引擎对协商属性进行扩展,提高协商效率。采用树状结构的XML语言描述协商策略,便于进行属性授权推理。针对协商推理过程中产生的属性暴露树结构,设计协商策略剪枝算法。最后,通过实验验证方案的可行性和高效性。     

Web服务中结合XACML的基于属性的访问控制模型

分析了XACML（eXtensible Access Control Markup Language,可扩展访问控制标记语言）的特点,提出了一种面向Web服务的结合XACML的基于属性的访问控制（Attribute-Based Access Control,ABAC）模型。模型采用基于用户、资源和环境属性、而不是基于用户身份的授权机制,可动态地评估访问请求,提供细粒度的访问控制;采用XACML标准,既可增加互操作性,又能适用于分布式环境,特别适合于Web服务的动态性、异构性等特点。     

基于属性的跨域访问控制模型设计

本文针对基于Web服务跨域访问控制问题,首先对该问题进行了系统的分析,进而采用SAML身份认证机制和XACML访问控制策略结合ABAC的方法,提出了基于属性的跨域访问控制模型,从而实现了分布式平台的单点登录、多点认证和跨域访问。     

基于互信属性调配机制的访问控制模型

在基于属性的访问控制中一个重要的问题是对属性资源的获取以及对敏感属性和敏感访问控制策略的保护。传统访问控制属性资源的获取方法已经不能满足开放式的网络环境下的访问控制要求。在自动信任协商机制基础上提出了一种新的授权决策机制——互信属性调配机制（MTAD）,并将其应用到基于属性的访问控制模型中。通过对模型的分析可以看到该模型较好地解决了动态授权、访问效率、授权粒度、属性信息的安全性和敏感属性的保护等问题。     

面向Web服务工作流系统的访问控制模型

提出了一种面向Web服务工作流系统的访问控制模型（WSWF-RBAC）。在基于角色的访问控制模型基础上引入系统资源的概念,把Web服务对象、属性和其它功能模块当做资源统一管理。引XT资源访问模式的概念,在约束条件下通过与资源的运算生成系统权限,从而实现了对权限的精细管理和动态调整能力。通过扩展web服务访问的角色集和用户集,并引入角色扮演对象,实现了工作流系统中Web服务与其它模块访问控制的一致性。将该模型应用于库房供应链系统中,运行结果表明,该模型能够增强Web服务工作流系统授权的灵活性和安全性。     

基于XACML的Web服务安全访问控制模型

Web服务已成为新一代电子商务的框架,其安全问题是不可忽视的问题,需要一种灵活高效的访问控制来保护.通过分析可扩展访问控制标记语言(XACML)和授权管理基础设施(PMI),给出了一种适合于Web服务安全的访问控制系统模型.该系统模型基于属性证书和策略集,用XACML作为描述访问控制决策的语言,适用于Web服务的动态性、异构性等特点.     

为Web服务访问控制构建沙盒模型

本文提出了一种Web服务访问控制沙盒模型。该模型不仅可以利用传统的身份验证还可以通过扩展SOAP消息,加入角色信息,利用角色验证来保证Web服务的访问安全。此外,该模型还提出了一种安全管理器的机制,该机制使得Web服务创建者和维护者可以更底层更灵活地保障Web服务访问安全。     

结合属性和角色的Web服务访问控制

在分析Web服务访问控制需求的基础上,指出了现有访问控制模型在Web服务访问控制方面的局限性,提出了一种结合属性和角色的Web服务访问控制模型ARBAC,给出了软件实现结构.ARBAC模型给出了Web服务访问控制领域中的概念定义,提出了相关判定定理.ARBAC模型根据Web服务资源对用户的属性限制条件自动生成角色集,完成用户到角色、权限到角色的映射,能够表达职责分离约束、环境参数限制和最小权限策略,统一了Web服务和服务所涉及的数据资源的访问控制.     

面向Web服务资源的两层访问控制方法

Web服务资源具有静态的Web服务接口和动态的有状态资源两个组件.针对这两个组件的不同特征为它提出一种基于属性的两层访问控制方法(Two Level Attribute-Based Access Control,2L-ABAC).2L-ABAC扩展基于属性的访问控制模型(Attribute-Based Access Control,ABAC),对这两个组件分别进行访问控制.ABAC系统的访问决定依赖于用户提供的主体属性,所以2L-ABAC采用策略发布机制告知用户所需的属性,并根据各层特征分别采用WSDL附件和元数据交换两种发布方式.除了分层设计带来的灵活性,2L-ABAC还继承了ABAC模型的特性,能够对来自其他安全域的用户进行访问控制.另外,它基于相关国际规范实现,如XACML和SAML,故具有通用性.     

面向Web服务的交互访问控制

针对传统访问控制策略的不足,提出面向Web服务的交互式访问控制策略模式,为适应Web服务间的信息交互访问安全,设计一种基于SAML认证授权框架以实现协同用户与服务商之间交互访问的匹配机制。以Web服务的访问控制过程为例,分析Web服务的交互式访问控制协议的实现过程,结果证明,该协议能为Web服务提供更细粒度的访问控制。     

Model-driven trust negotiation for Web services

Trust negotiation is an approach to access control whereby access is granted based on trust established in a negotiation between the service requester and the service provider. Trust negotiation systems avoid several problems facing traditional access control models such as DAC (discretionary access control) and MAC (mandatory access control). Another problem is that Web service providers often do not know requesters identities in advance because of the ubiquitousness of services. We describe Trust-Serv, a trust negotiation framework for Web services, which features a policy language based on state machines. It is supported by lifecycle management and automated runtime enforcement tools. Credential retrieval and validation in Trust-Serv rely on predefined Web services that provide interactions with attribute assertion authorities and public key infrastructure.     

Ws-AC: A Fine Grained Access Control System for Web Services

The emerging Web service technology has enabled the development of Internet-based applications that integrate distributed and heterogeneous systems and processes which are owned by different organizations. However, while Web services are rapidly becoming a fundamental paradigm for the development of complex Web applications, several security issues still need to be addressed. Among the various open issues concerning security, an important issue is represented by the development of suitable access control models, able to restrict access to Web services to authorized users. In this paper we present an innovative access control model for Web services. The model is characterized by a number of key features, including identity attributes and service negotiation capabilities. We formally define the protocol for carrying on negotiations, by specifying the types of message to be exchanged and their contents, based on which requestor and provider can reach an agreement about security requirements and services. We also discuss the architecture of the prototype we are currently implementing. As part of the architecture we propose a mechanism for mapping our policies onto the WS-Policy standard which provides a standardized grammar for expressing Web services policies.     

Multi-attribute negotiation mechanism for manufacturing service allocation in smart manufacturing

Smart manufacturing is undergoing rapid development along with many disruptive technologies, such as Internet of Things, cyber-physical system and cloud computing. A myriad of heterogeneous manufacturing services can be dynamically perceived, connected and interoperated to satisfy various customized demands. In smart manufacturing, the market equilibrium is variable over time due to changes in demand and supply. Thus, efficient manufacturing service allocation (MSA) is critical to implementation of smart manufacturing. This paper considers the MSA problem under market dynamics with maximization of utility of customers and service providers. Many conventional methods generally allocate manufacturing services to the customers by multi-objective optimization without considering the impact of interactions between customers and service providers. This paper presents a multi-attribute negotiation mechanism to address the MSA problem under time constraints relying on autonomous agents. The proposed negotiation mechanism is composed of two models: an atomic manufacturing service negotiation model and a composite manufacturing service coordination. The former model is based on automated negotiation to seek an atomic manufacturing service over multiple attributes for an individual subtask. The latter model incorporates the global distribution and surplus redistribution to coordinate and control multiple atomic manufacturing service negotiations for the whole manufacturing task. Numerical studies are employed to verify the effectiveness of the multi-attribute negotiation mechanism in solving the MSA problem. The results show that the proposed negotiation mechanism can address the MSA problem and surplus redistribution can effectively improve the success rate of negotiations.     

一种支持QoS约束的Web服务发现模型

服务质量(QoS)描述了一个产品或服务满足消费者需求的能力．提供有保证的QoS是Web服务在商业应用中获得成功的关键．如何动态地选择出最适合用户需求的Web服务正在引起研究领域的关注．该文提出了一种支持QoS约束的Web服务发现模型(WSDM-Q)．该模型定义了一组描述Web服务QoS及信誉度的分类tModel,引入了QoS量化的概念,采用了QoS协商和反馈机制,支持携带QoS描述信息的服务发布和基于QoS约束的服务发现．协商机制允许服务提供者根据运行时的状态对服务请求进行接纳控制,反馈机制允许服务注册中心对服务提供QoS的信誉度进行动态评估和调整。该模型不需要改变UDDI的内部实现,能够直接在现有的UDDI服务上进行扩展．作者已经基于Mierosoft.Netf平台和Microsoft UDDI服务实现了一个原型系统．     

面向Web服务的基于属性的访问控制研究

Web服务是一种新的面向服务的计算模式，由于其异构性、多域性和高度动态性，它提出了独特的安全挑战。一个关键的安全挑战就是要设计有效的访问控制机制。但目前存在的访问控制机制大多是基于身份的，存在严重的管理规模和控制粒度问题。本文提出利用基于属性的访问控制（Attribute-Based Access Control，ABAC）机制来处理Web服务的访问控制问题。ABAC采用相关实体的属性进行授权决策，能解决管理规模问题，并提供细粒度的控制。另外，文中对ABAC进行了建模，讨论了其应用，最后还给出了一种实施框架。     

一种基于ATN的网格服务选择模型

网格服务组合可以将现有的单个服务组合成复杂的服务或者应用,而网格服务组合的关键在于对单个服务的选择.提出一种基于ATN的网格服务组合二级信任ATN-CTT模型和算法.该模型上层对应于服务组合信任模板(SCTT),下层对应于SCTT中每个节点的可选择服务.每类待选的服务依据其信任度值组成信任矩阵,按照信任矩阵中信任度值产生服务组合信任模板,依据ATN的访问控制策略来使用信任模板中对应的服务.实验证明了这种模型的有效性和服务组合路径的稳定性和可靠性.将已有的信任机制和ATN结合起来,能够解决在网格动态环境下陌生主体间的安全访问控制问题和服务选择问题.     

面向云联网的云服务协商机制

随着云计算的快速发展,越来越多的用户开始使用云服务提供商提供的服务,而云联网作为云计算研究的新领域,可以实现跨云服务提供商的服务,当单个云服务提供商无法满足用户的服务需求时,云服务提供商之间以合作的方式为用户提供服务,以便更好地满足用户的服务需求。针对上述情况,提出了面向云联网的云服务协商机制,该机制利用云联网和改进的经典合同网模型来实现云服务提供商的交互协商。为了有效地选出合作伙伴以提高合作效率,还为每一个云服务提供商建立了一个熟人集。实验表明,本文设计的机制可以有效地提高云服务提供商之间的合作效率,并且可以更好地满足用户的服务需求。     

Flexible secure inter-domain interoperability through attribute conversion

The access control policy of an application that is composed of interoperating components/services is defined in terms of the access control policies enforced by the respective services. These individual access control policies are heterogenous in the sense that the services may be independently developed and managed and it is not practical to assume that all policies are defined with respect to some uniform domain vocabulary of policy attributes. A framework is described that provides a domain mapping for heterogenous policies. A fuzzy-based conversion mechanism determines the degree to which an access control attribute of one (service) policy may safely interoperate with an access control attribute of another (service) policy. The approach is scalable in the sense that it is not necessary to a priori specify every pairwise policy interoperation relationship, rather, where obvious interpretations exist then policy relationships are specified, while other relationships are inferred using the fuzzy mechanism.     

A Negotiation Scheme for Access Rights Establishment in Autonomic Communication

Autonomic computing and communication has become a new paradigm for dynamic service integration and resource sharing in today's ambient networks. Devices and systems need to dynamically collaborate and federate with little known or even unknown parties in order to perform everyday tasks. Those devices and systems act as independent nodes that autonomously manage and enforce their own security policies. Thus in autonomic pervasive communications clients may not know a priori what access rights they need in order to execute a service nor service providers know a priori what credentials and privacy requirements clients have so that they can take appropriate access decisions. To solve this problem we propose a negotiation scheme that protects security and privacy interests with respect to information disclosure while still providing effective access control to services. The scheme proposes a negotiation protocol that allows entities in a network to mutually establish sufficient access rights needed to grant a service.

---