计算机应用与软件2011,Vol.28Issue(3):265-268,4.
基于隐藏证书的XACML访问控制扩展模型
AN EXTENDED XACML ACCESS CONTROL MODEL BASED ON HIDDEN CREDENTIAL
摘要
Abstract
The access control model presented with eXtensible Access Control Markup Language (XACML) is the latest and most advanced access control model in service-oriented architecture. However, it does not address how to preserve the privacy of sensitive attributes and policies, which limits the promotion value of this standard. In light of this issue, in this paper we propose that to extend XACML access control model with hidden credential technology, which preserves the privacy of sensitive attributes and policies on both interactive sides, so that the automated trust negotiation based on XACML access control model is achieved. Meanwhile, the organisation method and approach for confidential policy in XACML standard is also depicted in this paper. At the end of the paper the safety of the extended access control model is analysed, and it is proven that the model can run well against various types of general distributed attacks.关键词
隐藏证书/信任协商/访问控制/可扩展访问控制标记语言引用本文复制引用
葛维进,胡晓惠,邓勇..基于隐藏证书的XACML访问控制扩展模型[J].计算机应用与软件,2011,28(3):265-268,4.
