| The development and popularity of Internet offer great convenience for efficient sharing of global resources and information. With the widely establishing of large scale and distributed information system, and the rapidly developing of information society, the application of computer is gradually evolving into networked modality, and the network security is confronted with new challenges.The access control system based on policy is a trend of solving this kind of problem. The calculation environment that the operating system offers is comparatively more believable, it adopted concentration type access control system should one good beginning that issue launch. It practised access control in common use frame(GFAC), is it divide into layer and policy that isolate to adopt, have offered a highly abstract access to control the frame of taking. But to distributed calculation environment, how effective management entity target of distributed environment? How to improve and manage replying the degree of using of the policy? And how is the conflict existing in distributed system based on policy solved ? Problem these is it solve distributed environment access the bottleneck controlled safely to become already.All above-mentioned demands for the distributed online security system, can all satisfy through the solution based on distributed management of the policy . Based on policy management solution is it realize to come through policy to distributed, automation and trends adaptive management of administrative system, have already become the most rising research direction of distributed system management within the extensive enterprise layer network. The studying of access control safety policy that the proposition of this text limits under the distributed environment, lay particular emphasis on to distributed environment policy research of conflict and it proposes to be distributed to access model of controlling because of what role divide, solve the method of the policy conflict under the distributed environment through the role's security division. And has realized one on the basis of distributed access control system which the role divided. In addition this text's formalization to policy show that language -Ponder languages have carried on deeper studying. |
PDF Full Text Request