×

基于属性访问控制方法中的策略定义研究

消耗积分:5 | 格式:rar | 大小:176 | 2009-08-14

h1654155275.3301

分享资料个

基于属性的访问控制(ABAC)是面向Web Service应用的一种新的访问控制方法。可
扩展访问控制标记语言XACML是一种支持该方法的重要规范,它给出了ABAC策略执行框架以及ABAC 策略的定义语言。但XACML 中策略定义非常繁琐复杂,对用户提出了很高要求。本文在对ABAC模型进行分析研究的基础上,分析了XACML的策略定义语言,提出了基于XACML 的ABAC策略模版,并给出了基于策略模版编写ABAC 策略的方法,从而在保证策略正确定义的基础上,有效简化了策略定义过程。
关键词:基于属性的访问控制,XACML,策略模版,策略定义方法
ABSTRACT:Attribute Based Access Control (ABAC) is a new access control method in the
application of Web Service. eXtensible Access Control Markup Language (XACML) is an
important standard supporting ABAC; it brings up an ABAC policy enforcing architecture and an ABAC policy definition method. But it is very complicated to define ABAC policy using XACML, and It is difficult for common user to master it. In this paper, we analyze the definition method in XACML based on the ABAC model, bring up a XACML based policy definition template and the policy definition method based on it. In this way, we can both assure the accurate of the policy and simplify the policy definition procedure.
Keyword: Attribute BasedAccess Control, XACML, Policy template, Policy definition method

声明:本文内容及配图由入驻作者撰写或者入驻合作网站授权转载。文章观点仅代表作者本人,不代表电子发烧友网立场。文章及其配图仅供工程师学习之用,如有内容侵权或者其他违规问题,请联系本站处理。 举报投诉

评论(0)
发评论

下载排行榜

全部0条评论

快来发表一下你的评论吧 !