检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]中国洛阳电子装备试验中心 [2]解放军96275部队
出 处:《计算机应用》2015年第8期2184-2188,共5页journal of Computer Applications
基 金:总装备部预先研究项目(51333030103)
摘 要:Web服务环境中,交互实体通常位于不同安全域,具有不可预见性。Web服务应该基于其他与领域无关的信息而非身份来实施访问控制,以实现对跨域未知用户的访问授权。为此,提出了适应于Web服务的基于上下文的访问控制策略模型。模型的核心思想是将各种与访问控制有关的信息统一抽象表示为一个上下文概念,以上下文为中心来制定和执行访问控制策略,上下文担当了类似基于角色的访问控制(RBAC)中角色的概念。基于描述逻辑语言(DL),定义了基于上下文的访问控制策略公理,建立了访问控制策略知识库,提出了访问控制策略的逻辑推理方法。最后基于Racer推理系统,通过实验验证了方法的可行性和有效性。In Web service environment, the interacting entities usually cannot be predetermined and may be in different security domains. To address the access authorization for unknown users across domain borders, access control of Web service should be implemented based on domain-independent access control information but not the identities. A context-based access control policy model which can be appropriate for Web service environment was proposed. The main idea of the model was that, various access control information was abstracted and represented as a concept of context which was adopted as the center to define and perform access control policies. The context concept here acted as an intermediary between requesters and the access permissions, which was similar to the role of Role-Based Access Control (RBAC) in a way. Context-based access control policy axioms were defined based on Description Logic (DL), on the basis of these axioms, the access control policy knowledge base with the capacity of reasoning about the access control policies was put forward. Finally, the effect of access control policy enforcement was verified in Racer reasoning system, and the experiment result proved the feasibility and validity of the presented method.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.3
