Research And Implementation Of Mandatory Access Control Based On SOA

SOA, due to its open, loosely coupled, and many other advantages and is increasingly being used by the industry.SOA architecture is designed to improve the structure of the open and reuse of services, and its security problems facing the increasingly prominent.SOA-based access control solution can be divided into two kinds: First, the traditional framework of access control technology; Second, related to the implementation of access control based on SOA standards. But they are not ideal solutions, the traditional architecture of the access control model does not completely fit the characteristics of SOA requirements, and SOA security access control-related standards developed due to its decentralized nature and diversity of characteristics, need to build appropriateaccess control solution.In this paper, SOA architecture access control for a more in-depth research, mainly include:1. Around the SOA architecture characteristics, in the study of SOA and access control technology, for the problem of access control based on SOA, design a service-oriented multi-level security access control model (SO-MSMAC, Service-Oriented Multi-level Security Mandatory Access Control).The model uses mandatory access control policy to fine-grained protect the safety of SOA service resources.Model first analyzed within the demand of designing.And then designs the resource model.The last by discussing the four operations on the service, formal description of a service-oriented multi-level security access control model details.2.Design the access control solution based on SO- MSMAC. The solution contains the access control system based on SO- MSMAC, the working ways of solution and the access control technology. By the analysis of the demand of access control based on SOA, design the access control system based on SO-MSMAC. Based on the characteristic of service access, discussion the using of access control solution based on SO- MSMAC. Meanwhile, discuss message-based architecture handle access control implementation techniques.3.Integrated service-oriented multi-level security access control model and access control solution based on SO-MSMAC, design prototype verification system based on SOA, the structure of access control systems are described to analysis service-oriented multi-level security access control model and the solution .This research closely around the characteristics of SOA, using SOA thinking to solve the access control security, can solve the safety of access the service well.