
Research On The Framework Of ABAC Described By JSOACN in Open Platform Supported OAuth2.0

Posted on: 2017-12-26
Degree: Master
Type: Thesis
Country: China
Candidate: P Zhang
GTID: 2348330488964338
Subject: Systems analysis and integration
Abstract/Summary:
Nowadays, web sites represented by social networks have transformed from an SOA architecture to Open Platforms featuring Web APIs. Most domestic Open Platforms apply OAuth2.0 to solve the problem of multi-domain authorization, for example, Facebook, Twitter, Google+, Weibo, Zhihu, Douban, etc. OAuth2.0 is an open standard for authorization. Third-party applications can use the authorization of the Open Platform through OAuth2.0 to access users' resources stored on the server, and users' login credentials will not be divulged.

This thesis analyzes authorization and access control and provides a security architecture based on OAuth2.0 and ABAC, and I apply a set of development tools and SDKs to the analysis. Using OpenID and OAuth can ensure open authorization and can enhance the security of users' login credentials. Building on open authorization, this thesis applies JSOACN, which is based on JSON, to describe ABAC, which can complete the security architecture of authorization and access control in an open platform. When users use the three applications, they can safely access the resources, and the applications can also meet the fine-grained access needs of the Internet.

The innovations in this thesis mainly include:

1) JSOACN, based on JSON, is provided to replace XACML. Using JSOACN to describe Subject Attributes, Object Attributes, Environment Attributes, Policies and Rules can enhance the flexibility and universality of access control and allows the access control policies to be managed better. Describing ABAC in JSOACN gives the access control high scalability, understandability, composite workability, cross-platform adaptability, etc.

2) Applying ABAC to OAuth authorization based on OpenID authentication can transform the OAuth-based service into an authorization service based on resource owner attributes, resource attributes, and environment attributes, which improves security when using Web services across domains and meets the demand for sufficient granularity in accessing and controlling those resources on the Internet.

3) In the experiment, OpenID and OAuth are combined to design the access control. By applying ABAC described by JSOACN to the resource APIs, the application provides access control policies.
Keywords/Search Tags: Open Platform, ABAC, Access Control, Authorization, OAuth