期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

网格虚拟组织内访问控制策略的自动组合方法 被引量:1

Automatic composition scheme for access control policies in grid virtual organization
下载PDF
导出
摘要 为实现网格中安全策略的动态生成,提出了基于访问控制策略集自动组合的方法。虚拟组织根据网格服务组合约束,建立相关自治域访问控制策略集的组合关系。利用代数集合理论实现策略集的组合运算,通过自动组合引擎和组合触发规则,实现访问控制策略集的自动组合,生成虚拟组织内的访问控制策略集。由于自动组合后的策略集存在冗余子集和操作权限冲突,提出了操作权限自动合并方法和冲突解决办法,并提出了自动组合算法。经分析证明,该方法在网格环境下具有较强的灵活性和动态适应性。 To realize dynamic generation of the access control policies and improve the dynamic adaptability of authorization verification for requester in grid, the automatic composition scheme for access control policy set in grid was put forward. According to the services composition constraints, the composition relationships of policy set for au tonomous domains of Virtual Organization (VO) was constructed. The theory of algebra set was used to implement composition and computing for the policy set. And the automatic composition for policy set was realized by means of automatic composition engine and automatic trigger rules, and the access control polices set in VO was therefore generated. As there might be conflicts and redundancy policy subset in composed polices set,a method to resolve conflicts and automatic permission combination was proposed. The automatic composition algorithm was also presented. By analysis and implementation of the scheme, it was demonstrated that the scheme was with higher flexibility and dynamic adaptability.
作者 王荣斌 陈蜀宇 王卫平 喻玲
机构地区 重庆大学计算机学院 重庆高速公路发展有限公司 重庆大学软件工程学院
出处 《计算机集成制造系统》 EI CSCD 北大核心 2009年第5期1023-1030,共8页 Computer Integrated Manufacturing Systems
基金 教育部新世纪优秀人才支持计划基金资助项目(NCET-04-0843) 重庆市自然科学基金资助项目(2005BB2192)~~
关键词 网格 虚拟组织 访问控制 策略集 自动组合 权限合并 grid access control virtual organization policy set automatic composition permission combination
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献16

  • 1MARISH A,MARISH P.Enabling autonomic compositions in grid environments[C]//Proceedings of the 4th International Workshop on Grid Computing.Washington,D.C.,USA:IEEE Computer Society,2003:34-41. 被引量:1
  • 2BONATI P,DE CAPTITANI S,SAMARATI P.A modular approach to composing access control policies[C]//Proceedings of the 7th ACM Conference on Computer and Communication Security.New York,N.Y.,USA:ACM,2000:164-173. 被引量:1
  • 3BONATI P,DE CAPTITANI DI VIMERCATI S,SAMARATI P.An algebra for composing access control policies[J].ACM Transactions on Information and System Security(TISSEC),2002,5(1):1-35. 被引量:1
  • 4WIJESEKERA D,JAJODIA S.A propositional policy algebra for access control[J].ACM Transactions on Information and Systems Security,2003,6(2):286-325. 被引量:1
  • 5DAMIANOU N,DULAY N,LUPU E,et al.Tools for domain-based policy management of distributed systems[C]//Proceedings of Network Operations and Management Symposium.Washington,D.C.,USA:IEEE,2002:203-217. 被引量:1
  • 6DAMIANOU N.A policy kamework for management of distributed systems[D].London,UK:University of London,2002. 被引量:1
  • 7JAJODIA S,SAMARATI P,SUBRAHAMNIAN V S,et al.Aunified framework for enforcing multiple access control policies[J].ACM Sigmod Record,1997,26(2):474-485. 被引量:1
  • 8OMKAR J,TILAKRAJEEW R,ZOU Xukai.Composing access control policies of distributed components[C]//Proceedings of the 2nd IEEE International Symposium on Dependable,Autonomic and Secure Computing.Washington,D.C.,USA..IEEE Computer Society,2006:301-307. 被引量:1
  • 9SIEWE F,CAU A,ZEDAN H.A compositional framework for access control policies enforcement[C]//Proceedings of 2003 ACM Workshop on Formal Methods in Security Engineering.New York,N.Y.,USAlACM,2003:32-42. 被引量:1
  • 10MOSZKOWSKI B.Executing temporal logic programs[M].New York,N.Y.,USA;Cambridge University Press,1986:75-125. 被引量:1

二级参考文献11

  • 1Gladney H.M., Meyers J.J., Worley E.L. Access control mechanism for computing resources. IBM Systems Journal, 1975, 14(3): 212~228 被引量:1
  • 2Anderson J.P. Computer security technology planning study. Air Force Electronic Systems Division, Hanscom AFB, Bedford, MA: Technical Report ESDTR-73-51, 1972 被引量:1
  • 3Xu Feng, Xie Jun, Huang Hao, Xie Li. Context-aware role-based access control model for Web services. Lecture Notes in Computer Science 3252, 2004, 430~436 被引量:1
  • 4Ferraiolo David, Kuhn Richard. Role-based access controls. In: Proceedings of the 15th NIST-NCSC National Computer Security Conference, Baltimore, MD, 1992, 554~563 被引量:1
  • 5Sandhu R., Conyne E.J., Lfeinstein H.L. et al. Role based access control models. IEEE Computer, 1996, 29(2): 38~47 被引量:1
  • 6Ferraiolo D.F., Sandhu R., Guirila S., Kuhn D.R., Chandramouli R. Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security, 2001, 4(3): 224~274 被引量:1
  • 7Xu Feng, Lin Guo-Yuan, Huang Hao, Xie Li. Role-based access control system for Web services. In: Proceedings of the 4th International Conference on Computer and Information Technology (CIT'04), Wuhan, 2004, 357~362 被引量:1
  • 8Thomas R.K., Sandhu R. Task-based authentication controls (TABC): A family of models for active and enterprise-oriented authentication management. In: Proceedings of the IFIP WG11.3 Workshop on Database Security, London, 1997, 166~181 被引量:1
  • 9Sudhir Agarwal, Barbara Sprick. Access control for semantic Web services. In: Proceedings of IEEE International Conference on Web Services (ICWS'04), San Diego, California,USA, 2004, 770~773 被引量:1
  • 10Bhatti R., Joshi J.B.D., Bertino E., Ghafoor A. Access control in dynamic XML-based Web-services with XRBAC. In: Proceedings of the 1st International Conference on Web Services, Las Vegas, 2003, 243~249 被引量:1

共引文献55

同被引文献10

引证文献1

二级引证文献7

计算机集成制造系统
2009年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部