检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]重庆大学计算机学院
出 处:《计算机应用》2010年第10期2632-2635,2640,共5页journal of Computer Applications
基 金:国家科技支撑计划项目(2008BAH37B04)
摘 要:针对传统访问控制模型在新一代可信互联网环境应用中存在用户角色赋值效率不高、跨域访问控制实现困难等局限性,提出了基于属性的通用访问控制框架。该框架对用户、资源、操作和上下文四类对象的属性信息进行统一的描述和处理,简化了传统RBAC及其他访问控制系统复杂的权限判定方式,从而增强了访问控制系统的通用性和灵活性;同时,对于跨域的访问应用了基于属性证书的验证方式并给出了相应的策略评估方案和评估算法,能够针对不同应用域中用户的访问需求动态实施资源管理和访问控制;另外,框架中引入的运行上下文对象机制,进一步提升了该框架对复杂、动态互联网环境的适应能力。Concerning the limitations of the application of traditional access control model in new generation credible Interact environment, such as the inefficiency in user-role assignment and the difficulty in cross-domain access control, a universal attribute-based access control framework was proposed. It took a unified method to dispose the attributes of users, resources, operations and running context, simplified the complex way of permissions determination in traditional RBAC and other access control modes, thus enhancing the versatility and flexibility of access control system. At the same time, authentication based on attribute certificates was applied in cross-domain access, policy evaluation and evaluation algorithm were also discussed, which could dynamically realize resource management and access control for users from different domains. In addition, the mechanism of the running context makes the framework more suitable to be applied in complex and dynamic Internet environment.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.249