一种改进UCONC的服务网格授权决策模型  被引量:2

Improved UCONC authorization decision model for the service grid

在线阅读下载全文

作  者:桂劲松[1] 陈志刚[1] 邓晓衡[1] 刘立[1] 

机构地区:[1]中南大学信息科学与工程学院,湖南长沙410083

出  处:《西安电子科技大学学报》2008年第3期546-553,共8页Journal of Xidian University

基  金:国家自然科学基金资助(60573127);湖南省自然科学基金资助(06JJ30032)

摘  要:针对基于条件谓词决策的使用控制模型(UCONC)表达能力弱的缺陷,为了在服务网格实现决策组件与执行组件的合理分工,促进独立授权过程的并发执行,提出一种委托凭证模型细粒度表达决策结果.基于此改进UCONC,用委托凭证处理过程的状态组合替换原来简单的访问状态,决策组件根据请求时系统状态输出合理的委托凭证,根据系统状态的变化再决策可转换委托凭证的处理状态.该方法有效避免了相同访问请求重复产生委托凭证,委托凭证真实反映授权的实际需求.在e-Learning Grid系统中,改进后的决策模型能够细粒度地表达授权策略,输出合理的决策结果,各种访问请求通过合适的决策与控制满足了应用对安全的需求.To keep free from weak capability of expression of the usage control model based on condition predication decision (UCONc), realize reasonable task assigning between decision component and execution component, and improve concurrent enforcement of independent authorization processes in the service grid, a delegation certification model is proposed to express the decision result in a fine-grained manner, and the UCONc is improved. Delegation certification processing statuses are defined to replace the simple access status. The decision component can make the reasonable delegation certification based on the system status when a request arrives, and also make a decision to change the delegation certification processing status when the system status is changed. This method effectively avoids the fact that the same access requests generate the delegation certification repeatedly, and the delegation certification really reflects actual demands of authorization. In an e- Learning Grid, the improved decision model expresses the authorization policy in a fine-grained manner, and exports reasonable decision results. Various access requests satisfies security requirements of application through the suitable decision and control .

关 键 词:服务网格 授权决策 委托凭证 条件决策使用控制模型 

分 类 号:TP393[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象