排序方式: 共有206条查询结果,搜索用时 15 毫秒
11.
随着企业应用的需求越来越复杂,在复杂的企业环境下处理基于SOAP消息的安全信息是需要解决的实际问题。具体分析Web服务(Web Service)在企业环境下的安全机制,以及这种方式下如何安全处理SOAP消息。以一个税务部门信息服务平台为例分析了采用安全的Web Service的企业应用集成方案,实践证明此方式可以达到比较好的安全性能要求。 相似文献
12.
Rafael Marín-LópezAuthor Vitae Fernando Pereñíguez Author VitaeGabriel López Author Vitae Alejandro Pérez-Méndez Author Vitae 《Computer Standards & Interfaces》2011,33(5):494-504
Kerberos is a well-known standard protocol which is becoming one of the most widely deployed for authentication and key distribution in application services. However, whereas service providers use the protocol to control their own subscribers, they do not widely deploy Kerberos infrastructures to handle subscribers coming from foreign domains, as happens in network federations. Instead, the deployment of Authentication, Authorization and Accounting (AAA) infrastructures has been preferred for that operation. Thus, the lack of a correct integration between these infrastructures and Kerberos limits the service access only to service provider's subscribers. To avoid this limitation, we design an architecture which integrates a Kerberos pre-authentication mechanism, based on the use of the Extensible Authentication Protocol (EAP), and advanced authorization, based on the standards SAML and XACML, to link the end user authentication and authorization performed through an AAA infrastructure with the delivery of Kerberos tickets in the service provider's domain. We detail the interfaces, protocols, operation and extensions required for our solution. Moreover, we discuss important aspects such as the implications on existing standards. 相似文献
13.
14.
公钥基础设施在网络安全中的研究与应用 总被引:6,自引:0,他引:6
文章提出了一种基于PKI的网络安全模型,旨在为网络服务提供有效认证、访问控制、授权、传输机密性、不可否认性等安全机制。该模型在 PKI的基础上,结合了 Kerberos的优势,并扩展了其机制中服务票据的思想,提出了由授权服务器签名的授权证书的概念,以保证自治式与集中式访问控制相结合的安全管理模式。 相似文献
15.
Java移动代码是一种可以通过网络从一台计算机传珐另一台计算机上运行的Java程序,在现代网络计算及电子商务中具有广泛应用,Java的这一显著特性也蕴藏着授权管理上的不足,未授权者可以很容易地非法使用这些程序,针对Java移动代码的这些不足之处,分别对Java Applet及Java Applet及Java Servlet提出了基于数字签名算法的授权与访问控制方案,安全,有效地解决了这种新兴的授权与访问控制问题。 相似文献
16.
Mohamed Ahmed Hamid Harroud Roger Impey Ahmed Karmouch 《Multimedia Tools and Applications》2007,34(3):299-315
In this paper, we aim to provide adaptive multimedia services especially video ones to end-users in an efficient and secure
manner. Users moving outside the office should be able to maintain an office-like environment at their current locations.
First, the agents within our proposed architecture negotiate the different communication and interaction factors autonomously
and dynamically. Moreover, we needed to develop a user agent in addition to service and system agents that could negotiate
the requirements and capabilities at run time to furnish best possible service results. Thus we designed and integrated a
video indexing and key framing service within our overall agent-based architecture. We integrated this video indexing and
content-based analysis service to adapt the video content according to run time conditions. We designed a video XML schema
to validate the media content out of this multimedia service according to specific requirements and features, as we will describe
later.
相似文献
Ahmed KarmouchEmail: |
17.
Distributed authorization is an essential issue in computer security. Recent research shows that trust management is a promising
approach for the authorization in distributed environments. There are two key issues for a trust management system: how to
design an expressive high-level policy language and how to solve the compliance-checking problem (Blaze et al. in Proceedings
of the Symposium on Security and Privacy, pp. 164–173, 1996; Proceedings of 2nd International Conference on Financial Cryptography
(FC’98). LNCS, vol.1465, pp. 254–274, 1998), where ordinary logic programming has been used to formalize various distributed
authorization policies (Li et al. in Proceedings of the 2002 IEEE Symposium on Security and Privacy, pp. 114–130, 2002; ACM
Trans. Inf. Syst. Secur. (TISSEC) 6(1):128–171, 2003). In this paper, we employ Answer Set Programming to deal with many complex
issues associated with the distributed authorization along the trust management approach. In particular, we propose a formal
authorization language providing its semantics through Answer Set Programming. Using language , we cannot only express nonmonotonic delegation policies which have not been considered in previous approaches, but also
represent the delegation with depth, separation of duty, and positive and negative authorizations. We also investigate basic
computational properties related to our approach. Through two case studies. we further illustrate the application of our approach
in distributed environments. 相似文献
18.
在多级控制系统中,控制权限的正确设置与管理对整个多级远程系统能否安全可靠运行起着至关重要的作用。本文介绍了利用西门子的Win CC中的内部变量来实现多级控制系统的权限设置与管理,并在黄河引黄涵闸远程监控系统中获得了成功的应用。 相似文献
19.
20.
一种基于SPKI的匿名支付方案 总被引:1,自引:1,他引:1
SPKI is a proposed standard for public-key certificates. One important property of SPKI is that SPKI is key-oriented rather than name-oriented, and the public-key is globally unique. In this paper we propose an anonymous paymentscheme based on SPKI aiming at the problem of anonymous payment in B2C e-commerce. In the scheme we use the key-oriented characteristic of SPKI to link the public key to the account, and use authorization certificates to pay. The scheme achieves the anonymity very well. 相似文献