Based on the security demands of grid, the paper proposes a retracted and extensible security strategy of access control as well as the corresponding security model. It also presents a flexible access control security policy, which supports the inherent dynamics, flexibility and expansibility of grid computing environment. Based on the strategy design, the corresponding access control security model is able to support identity authentication and access control through XML-based inquiring request / assertive response language SAML and extensible access control language XACML.
倪问尹,尹锋,黄建琦. 网格计算环境下的数字化图书馆安全模型和访问控制安全策略研究*[J]. 现代图书情报技术, 2008, 24(4): 75-79.
Ni Wenyin,Yin Feng,Huang Jianqi. The Research of Security Model and Access Control Security Strategy of Digital Library in Grid Computing Environment. New Technology of Library and Information Service, 2008, 24(4): 75-79.
[1] 郑然,金海,章勤. 网格工作流资源层次模型与访问机制[J]. 华中科技大学学报:自然科学版,2006(S1):37-40.
[2] Bacon J, Lloyd M, Moody K. Translating Role-Based Access Control Policy Within Context[M].In Policies for Distributed Systems and Networks,2001.
[3] Jajodia S, Samarati P, Subrahmanian V S. A Logical Language for Expressing Authorizations[C].In: IEEE Symposium on Security and Privacy, 1997.
[4] Damianou N, Dulay N, Lupu E, et al. The Ponder Policy Specification Language[C]. In: Proceedings of the International Workshop of Policies for Distributed Systems and Networks, 2001.
[5] 王鹏, 季明, 梅强,等. 交换式网络下HTTP会话的劫持研究及其对策[J]. 计算机工程, 2007,33(5):135-137.
[6] 费巧玲,徐向阳,蒋国清,等. 基于SSL的安全邮件解决方案[J]. 计算机工程, 2007,33(5):114-116.
[7] Chang F, Itzkovitz A, Karamcheti V. User-level Resource-constrained Sandboxing[C].In: Proceedings of the USENIX Windows Systems Symposium,2000.
[8] Lindholm T, Yellin F. The Java Virtual Machine Specification Addition-Wesley[M]. Second Edition, 1999.
[9] 杨艳, 陈性元, 杜学绘. 基于VPN的安全审计系统的设计与实现[J]. 计算机工程, 2007,33(9):177-179.
[10] 李佳,徐向阳. 角色管理自动化的访问控制[J]. 计算机工程, 2007,33(5):120-125.
[11] 蔡红霞,俞涛,方明伦. 制造网格中访问控制的研究[J]. 计算机集成制造系统, 2007,33(4):120-125.
