计算机技术与发展2012,Vol.22Issue(1):228-232,5.
PMI授权管理系统设计与实现
Design and Implementation for Authorization Management System Based on PMI
周彦萍 1崔彦军2
作者信息
- 1. 河北省科学院应用数学研究所河北省信息安全认证
- 2. 工程技术研究中心,河北石家庄 050081
- 折叠
摘要
Abstract
Enterprise applications face the following security problems: the sharing of resource information, the adjustment of the users and services across the boundaries,the large variety of properties in security policies and the polymorphic of factors in privilege decision support. In this paper, introduce a practical authorization management system based on PMI. It combines GB / T 16264.8-2005 and ISO / IEC 9594-8 (2005), and follows the X. 509 attribute certificate protocol. It stores the authorization information in LDAP and attribute certifications through the improved RBAC model to isolate the access control model from the applications. It encapsulates the complexity of security technology that ensures the flexibility, adaptability and scalability of the system. The design of the system, the authorization model, the access control model and the LDAP database are also given in the paper.关键词
授权管理基础设施/公负基础设施/轻型目录访问协议/授权管理/授权体系/访问控制Key words
PKI/PMI/LDAP/privilege management/authorized system/access control分类
信息技术与安全科学引用本文复制引用
周彦萍,崔彦军..PMI授权管理系统设计与实现[J].计算机技术与发展,2012,22(1):228-232,5.
