检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]北京电子科技学院通信工程系,北京100070 [2]西安电子科技大学通信工程学院,西安710071
出 处:《计算机应用》2016年第2期402-407,共6页journal of Computer Applications
基 金:中央高校基本科研业务费专项资金资助项目(YZDJ1202);中央高校基本科研业务费资助项目(328201537)~~
摘 要:针对电子政务云跨域访问中用户资源共享访问控制细粒度不足的安全问题,提出一种基于用户等级的跨域访问控制方案。该方案采用了云计算典型访问控制机制——身份和访问控制管理(IAM),实现了基于用户等级的断言属性认证,消除了用户在资源共享中由于异构环境带来的阻碍,提供一种细粒度的跨域访问控制机制。基于Shibboleth和Open Stack的keystone安全组件,搭建了云计算跨域访问系统,通过测试对比用户的域外和域内token,证明了方案的可行性。Since the access control grain is not enough fine while users share resource during e-government cloud crossdomain access, a cross-domain access control scheme based on user's classification was proposed. In this scheme, a typical cloud computing access control mechanism — Identity and Access-control Management( IAM) was adopted, the assertion attribute authentication based on user classification was implemented, the obstruction caused by heterogeneity during resource sharing was also eliminated, and a fine-grained cross-domain access control mechanism was provided. Finally, a cross-domain system for cloud computer environment based on Shibboleth and secure component keystone of Open Stack was built, the feasibility of the scheme was proved by the test of comparing the tokens between inter-domain and outer-domain of a user.
关 键 词:电子政务云 跨域访问控制 等级 身份和访问控制管理 安全断言标记语言
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.117