The Research And Application Of Access Control Model Based On Attribute In The WEB Services

With the development of the information era,the Internet application based on Web services showing the explosive growth trend,people are enjoying the convenience but also greatly increases the security risks of privacy information exposure.Internal and government information departments involved in the security incidents have occurred,that has seriously affected the safety of the office environment related to office personnel.It is very important to set up the safe protection system and perfect security strategy,and use the information technology and the institutionalized safety management to establish the safe office protection system.As an important technology of network security and protection,access control has been widely used in the security information system.However,the traditional access control technology has been unable to meet the security needs of network applications in the new era.Attribute based access control technology is a kind of related entity attribute based decision-making and authorization access control technology,starting from the perspective of entity,the fine-grained access control and application scenarios can make the system flexible control under various conditions.Extensible Access Control Markup Language XACML(eXtensible Access Control Markup Language)is an important specification on the attribute based access control,it can adapt to a variety of application scenarios,meet a variety of complex and fine-grained access control security requirements.The main research work of this paper includes:First of all,through the research and analysis of the XACML framework combined with the safety statement language framework put forward business system XACML system reinforcement based on Web service based access control model,guarantee the terminal access service system security design,property management framework,using attribute based encryption algorithm and inference framework to protect the user's privacy properties;Secondly,the research method of unified strategy based on XACML,gives a formal description of strategy related elements,through the policy reference rules to achieve authority and reuse,optimization strategy combination algorithm,a simple and efficient strategy decision scheme;Then,the design of mobile office system,combined with the business characteristics of the access control framework and mobile office,to upgrade the traditional office system,more convenient,fast and safe path for office staff to strengthen security measures,mobile office personnel service system;Finally,through in the campus network environment deployment,the system was tested using a variety of different scenes combined.Results show that the framework and system design for user access behavior has good control and supervision.The use of technology and the proposed solution has practical and strong research value.