| With the development of information technology and network technology, networked manufacturing is becoming a new paradigm for manufacturing industry. Networked manufacturing system is an open, heterogeneous, cooperation-supported, agile system for networked manufacturing which is composed of various, distributed manufacturing resources through network. All information of an enterprise needs to store, send, transfer, integrate and reproduce in the system in which a great deal of intellectual asset requires protection. Therefore information security is the precondition for applying and extending the system. The object of this paper is to realize information security for networked manufacturing system.Security architecture should satisfy the requirements of complicated system features. Through analyzing the common requirements of security architecture and the requirements of complicated system features, a new security architecture is established in this paper which can meet the needs of networked manufacturing system.Access control model is the foundation of the realization of access control in the system. Based on analyzing system features related to access control and problems existing in the system, an access control model named semantic driven access control model (SDACM) is proposed which can control the data in workflow and those data unrelated to workflow at the same time. SDACM also can support self-help authorization under the control of security manager and solute the problem induced by dynamic characteristics and cooperation.Constraints and policy consistency are two key problems in SDACM. In order to study these problems, object model of SDACM is established in this paper describing components in SDACM clearly. Based on the object model, a new method is suggested to support constraint management which can avoid repeated storing and reduce the system constraint number. Also general principles and an arithmetic are put forward to decrease the cost for consistency maintenance.Architecture and mechanism for access control are the realization of access control model in system. According to the direction of security architecture and SDACM, an access control architecture is established and its implementation procedure is given out. Under the direction of security architecture, an agent-based authentication scheme and a scheme for subject configuration are proposed. The scheme for all policy configuration in access control module is also given out.In order to apply SDACM in networked manufacturing system, tables in relational database for policy storing is established, an experiment was carried out to transfer data in relational database to data organized in object and method is given out to draw role graph which gets data from relational database. Moreover, a cooperative tool for networked manufacturing system is designed based on the analysis of existing problems. Methods for policy transfer, arithmetic for public filtering rules of cooperative group and arithmetic for member filtering rules in cooperative group are all presented in this paper.We have developed the access control module in prototyping system in which theories, methods and arithmetic researched in this dissertation are used. In order to describe clearly, prototyping system and methods to develop the system are also introduced.
|
PDF Full Text Request