| The emergence of the Information Grid eliminates the problem of isolated information islands in information systems and enables genuine information sharing. However, because the Information Grid is heterogeneous and dynamic and has many users and resources, the security issues it must solve become more complex. Information Grid security, which mainly includes identity authentication, access control, secure communication and auditing, is one of the main directions of current research. Existing identity authentication mechanisms mainly solve the authentication problem within a single authentication domain, but there has been little research on multiple authentication domains, especially multiple heterogeneous domains. This paper designs a uniform identity authentication model on the basis of the existing Grid Security Infrastructure (GSI) and Grid Portal. Role-Based Access Control (RBAC) is the main access control policy used in distributed systems, but because of the particular nature of the Information Grid, the existing RBAC mechanism must be extended before it can be used well in the grid environment. Furthermore, the design of the access control granularity for resources is an important aspect of ensuring that resources are accessed efficiently and safely. This paper extends the existing RBAC, designs a fine-grained authorization model based on RBAC, and presents its design diagram. Finally, this paper analyses and designs identity authentication, access control and secure communication respectively according to the specific requirements of the Expert Information Sharing Grid, so as to properly solve identity authentication, access control and secure communication in the Expert Information Sharing Grid. |