摘要
采用属性证书的方式可对分布式RBAC系统中的用户进行有效的管理,并通过证书中的签名确保证书的有效性。但全部工作都由系统管理员完成,因此管理员的负担较重,在大型分布式的应用中存在瓶颈。设计基于可跟踪代理签名的证书及其代理发布,不仅有效地分散了管理员的任务,而且管理员和代理者不能滥用权力,攻击者也不能伪造证书和冒充用户,解决了管理员签发证书的效率问题,提高了RBAC系统的效率和安全性。
Using attribute certificates can manage users of RBAC models in distributed system efficiently;the signature in certificate guarantees the validity of the certificate.While the entire work of validating and publishing certificates done by system manager,the task is heavy,so bring out bottleneck in large distributed application.Designing a certificate structure and its proxy publishing based on traceable proxy signature,not merely scattered the task of manager,publisher and proxy signatures can't abuse their power,attackers can not forge certificate and imitate user.In this way ,solve the problem of manager's efficiency ,and improve the efficiency and security of RBAC system as well.
出处
《计算机工程与应用》
CSCD
北大核心
2007年第5期146-149,共4页
Computer Engineering and Applications
