| Information Security has become more and more important in modern enterprises. The most important thing that assures the information secure is to keep the unauthorized users from enterprise-level application systems. This job is done by access control mechanism. The research on access control models and software implementation is of great academic and practical significance.XACML (extensible Access Control Markup Language) is an XML-based language for access control that has been standardized in OASIS(Organization for the Advancement of Structured Information Standards). Compared with the previous policy described language, XACML language based on XML, XACML has also been able to identify the characteristics of the computer. Of course, there are other policies described XACML language similar elements, visited objectives, subjects (visitors), action and rules. In addition to providing policy described grammar, XACML also given a standardized access control decision-making models. This thesis introduces XACML at first, mainly discuss the basic concepts, the language data flow model and the language model. Then the XACML access control model is given and realized by java language. The model have good expansibility since it based on the policies file.CAS (Central Authentication Service) is an open source project, it realized the single sign on, but the access model is not given by the developers, it must be done by the users. We use the XACML access model to accomplish the access model and it can works well with the project. At the end of the paper we give some test of the project. Through this research, I hope it can gives help to the researchers of the filed of access control and single sign on. |
PDF Full Text Request