| 属性驱动的多策略网格授权机制研究 |
| |
| 引用本文: | 付更丽,曹宝香,夏小娜.属性驱动的多策略网格授权机制研究[J].通信技术,2010,43(9):153-155. |
| |
| 作者姓名: | 付更丽 曹宝香 夏小娜 |
| |
| 作者单位: | 曲阜师范大学,计算机学院,山东,日照,276826 |
| |
| 基金项目: | 国家自然科学基金资助项目 |
| |
| 摘 要: | 网格系统存在大量动态的访问用户和每个自治域有自己的访问控制策略,因此具有动态性和自治性的访问控制需求。基于属性的访问控制和网格系统的授权需求提出了一个属性驱动的多策略访问控制模型(MP_ABAC,Multipolicy_supported Access Control based on Attribute)并基于继承和封装思想和可扩展访问控制标记语言(XACML)设计了MP_ABAC授权框架。框架在网格访问控制中存在很大的优势,为网格授权系统提供了开放的架构,且能够集成第三方基于属性的授权系统。
|
| 关 键 词: | 基于属性 网格 XACML 授权框架 |
Study on Attribute-driven Multipolicy_supported Grid Authorization Mechanism |
| |
| FU Geng-li,CAO Bao-xiang,XIA Xiao-na.Study on Attribute-driven Multipolicy_supported Grid Authorization Mechanism[J].Communications Technology,2010,43(9):153-155. |
| |
| Authors: | FU Geng-li CAO Bao-xiang XIA Xiao-na |
| |
| Affiliation: | (College of Computer Science,Qufu Normal University,Rizhao Shandong 276826,China) |
| |
| Abstract: | The grid,for its large number of dynamic users and its own policy in each autonomous domain,demands dynamic and autonomous access control.This paper,based on the concept of ABAC and the authorization requirements of grid system,proposes a multipolicy_supported grid access control Model-MP-ABAC model.And an authorization framework based on inheritance,encapsulation idea and XACML is designed,thus to support MP_ABAC model.The authorization framework displays great advantages in supporting Grid access control,provides an open architecture for grid authorization systems,shows the effectiveness of MP_ABAC model,and could integrate the attribute-based third_party authorization system. |
| |
| Keywords: | XACML |
| 本文献已被 维普 万方数据 等数据库收录! |
|
