检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]太原理工大学计算机与软件学院,山西太原030024
出 处:《计算机工程与设计》2008年第8期1922-1924,1928,共4页Computer Engineering and Design
摘 要:网格计算作为一种新的分布式计算基础架构,因其资源、服务的异构、动态等特征,决定了安全机制的重要性。访问控制是安全的一个重要的部分。现有的网格授权模型多是基于传统的访问控制方式,没有考虑到网格环境中主体属性和对象属性的多样性,以及具体的任务和执行环境。在借鉴和使用控制模型的基础上,提出一种基于属性和任务的网格授权模型。该模型在考虑主体属性和对象属性的同时,结合具体的任务和执行环境进行授权,并能够在主体属性和对象属性发生变动的情况下,实现动态授权,从而在一定程度上避免了滥用权限的现象。Grid computing has recently emerged as a new distributed computing infrastructure. Because the distribution of services and resources in grid are dynamic and heterogeneous, security is a critical concern in grid computing. Now, existing grid authorization models are mostly based on traditional access control which does not take the diversity of subject's and object's attributes in grid, as well as the particular task and the executing environment into account. According to the research on usage control model, a new authorization model based on attributes and task is brought forward. At the same time of taking the attributes of subject and object into account, this model combines actual task and executing environment to achieve authorization. Besides, this model can also dynamically adjust the rights which subject obtains according to the changes of the attributes of subject and object when the task is executed, so abusing can be avoided in a way.
关 键 词:网格计算 访问控制 基于角色的访问控制 授权 使用控制模型
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.48
