| With the popularization of the network applications, large numbers of network resources have been published to serve users of the enterprises which have been subscribed the resources' services. In order to enable those enterprises to control how their employees use these resource according to the security policies, and provide a flexible service to enable their users to access the resources conveniently, a distributed secure proxy framework consists of a batch of secure proxies and a centralized administrative center, and a distributed authorization and access control architecture based on SAML and XACML technology which is applied in this framework have been implemented in this paper.In this paper, The System structure and the business flow of the distributed secure proxy framework has been presented according to the analysis of the requests. A high-efficient distributed authorization and access control architecture has been provided based on the analysis of the advantages and problems of some existing authorization and access control models, to support enforcing flexible access control according to the policies built in a centralized center. A business flow of enforcing authorization and access control on the distributed secure proxy service has been designed to support the request of the secure proxy service. Adopt the design mentioned above, a implementation of the distributed secure proxy framework and the distributed authorization and access control architecture of this framework have been provided. On the base of these works, a distributed Web application framework has been presented. This framework supports online control, concentrated management, Single Sign On, distributed authorization, and can enforce flexible access control according to the policies.What have been discussed in this page have been applied in a real project, and have made an expected effect. |
PDF Full Text Request