| With the rapid development of information technology , especially web service related technolog in the last few years, information security issued become focal point for many IT professional.Traditional security solution cannot meet the changed requirement, and information security issues become a major obstacle for the E-commerce and E-Government development.How to solute the problem of access control about the XML documents is becoming a big problem in the area of XML security.The major achievements of this study can be found in two aspects. First is the combination of role based access control (RBAC) and XML documentation.The next is by using the weblogic server it implement the access control between the different domains.This thesis firstly examined XML concept, its related technology development and major information security threatens we are facing. And analyzed potential need for carrying out this study due to rapid developing computer network technology and distributed application development. More debates are put in the XML technology, information security concept and its scheme, XML security and its standard. Access control related DAC, MAC, RBAC and their technology, role based access control mechanism and RBAC96 model, XACML structure and its programming are also discussed in details.Secondly, Based on the requirement specification analysis of XML application security,this thesis formulated an XML documentation access control scheme by using XACML.Not only analysis the detailes of the system,but also giving the code of the examples to support the issue.In the test step, this thesis use the Weblogic Server to buid two different domains,then using the SAML to configurate the source domain and the target domain to informat each other.At last it give the code of the example to testing the access process. |
PDF Full Text Request