| As a new distributed technology, Web service is easy to expose the weaknesses and limitations of the existing security system, because of its inherent heterogeneity, dynamic nature, complexity and multinomial characteristic, so security issues must be solved before the web services’ wide use. Access Control is an important security technology and is also a criterion for TCSEC to evaluate the security of system, and therefore it’s important to provide an access control model which is suitably for dynamic and multi-domain web services environment.There are a lot of security domains which use different access control technology in the web services environment, so the technology must be able to solve the problem of cross-domain access control. Based on the study XACML which gives a standard access control framework, this paper expands the XACML access control model and proposes a cross-domain access control model based on trust measurement, by integrating the trust management and trusted platform measuring. Based on users’ uniform identity authentication, through the analysis of users’ historical access behavior, the model introduces user’s trust degree, platform configuration integrity and inter-domain trust degree, and therefore improves the dynamics and security of the cross-domain access control. At the same time, according to the complexity of the analysis of massive historical access behavior, this paper describes the implementation of Inside Trust Manager Point and Outside Trust Manager Point in detail, put forward trust degree cache and real-time updating method, and improves the efficiency of the system effectively. Finally the model’s feasibility is proved by a simulation experiment. |
PDF Full Text Request