Research Of JTang Distributed Privilege Management Infrastructure

Posted on:2007-09-19

Degree:Master

Type:Thesis

Country:China

Candidate:Y W Zhao

Full Text:PDF

GTID:2178360182466646

Subject:Computer application technology

Abstract/Summary:

PDF Full Text Request

Authentication and authorization are two important requirements of network security. Privilege Management Infrastructure (PMI), as a helpful supplement to PKI authentication service, can provide secure and reliable authorization service.Current PMI research has encountered the problems of weak flexibility, lack of mutual operation and low performance in enterprise applications. This thesis proposes a RBAC (Role-based Access Control) based distributed PMI model JTangPMI, which is funded by the major research project JTang Application Server Platform of Zhejiang Province. JTangPMI incorporates the sophisticated role theory of RBAC as the solution of access control, and provides a uniform access control and authorization service to enterprise application systems. Constraints simplification and clustering are two key technologies to enhance the performance of JTangPMI and ensure stringent quality of service (QoS), including high-availability, high-reliability.In the 1^st chapter, we outline the Privilege Management Infrastructure. The background and prospect of PMI are briefly introduced. A survey of developing history and the challenges encountered in the current research are also explained. At the end of this chapter, we introduce the background of this thesis and its summary.Chapter 2 gives some definition of PMI concepts and its architecture defined by X.509 standard. A fully description of Attribute Certificate Frame is also presented in this chapter. Then, we analyze two current PMI products: AKENTI and PERMIS.In the 3rd chapter, we fully introduce the RBAC based distributed PMI model JTangPMI. Before proposing our model, we introduce the RBAC theory to give readers a basic knowledge for the further discussion of our model, and then we illustrate our model from three key features: architecture, core functional modules and technology process.In the 4th chapter, we provide two solutions to resolve the problem of low performance in large-scale distributed concurrent environment partially. Clustering computing technology is employed to achieve high-availability, high-reliability QoS; Constraints simplification rules are presented to simplify policy checking in PMI.Chapter 5 detailed the implementation of JTangPMI with some important data structures and process of important functional modules.At the last chapter, we conclude this thesis and the some future work are proposed.

Keywords/Search Tags:

PMI, RBAC, clustering, constraint simplification, attribute certificate

PDF Full Text Request

Related items

1	Design And Research In RBAC-BASED PMI System
2	Research On Web RBAC Based On Attribute Certificate And Policy
3	Document Management System Design And Implementation Of RBAC
4	The Study Of The Attribute Certificate-Based Authorization Schema In Grid And Its Application In The Distance Education
5	The Implementation And Optimal Research Of PKI Certificate Service
6	Attribute Certificate And Applied Research
7	Research On Access And Authorization Of E-gov System Based On RBAC And PMI
8	Research And Implementation Of RPMI System Based On PKI
9	Research And Design On A Role-Based Access Control PMI System
10	Based On The Role Of Privilege Management Infrastructure Pmi