| With the rapid application of information technology and the advent of ServiceOriented Architecture (SOA), the efficiency of software development has been greatlyimproved. However, the continuously increasing share level of Web data and resources,meantime, results in the growing seriousness of resource security. So how to supportdynamic techniques of access control used in the distributed environment and exercisemanagement over diverse resources in a unified and efficient way have become one ofthe most restraining factors in the current SOA development.This paper comes from The National Defense Pre-Research Foundation ofChina.This paper proposed an authorization service center model based on XACMLand elaborates its design and implementation. Firstly, it analyzes the work flow of thismodel and designs the corresponding class diagrams and data flow graphs. Secondly, itimplements each functional components of the model. Finally, the paper, by combiningwith applicable examples, tests the model to demonstrate the expected simplifiedoperating procedure of the system and verify the feasibility and security of theauthorization policies base on this model.The paper studies the problems of the complexity of constructing the policies, thelow efficiency of evaluation and the lack of flexibility and correctness of staticevaluation of the authorization center. Based on these researches, this paper proposedthe visual editing policies written by natural language and the mechanism of multiplebuffering, and introduces operation need and security risk to the decision makingtechnique of risk adaptation. |
PDF Full Text Request