Acta Scientiarum Naturalium Universitatis Pekinensis

Previous Articles     Next Articles

XML-Based Context-Constraint Access Control Policy Management

ZHANG Zhikun1, XIAO Jianguo2, KONG Xiangning1   

  1. 1. Computer Center, Peking University, Beijing 100871; 2. Institute of Computer Science and Technology, Peking University, Beijing 100871;
  • Received:2009-07-28 Online:2010-07-20 Published:2010-07-20

基于XML的上下文约束访问控制策略管理

张治坤1,肖建国2,孔祥宁1   

  1. 1. 北京大学计算中心,北京100871; 2.北京大学计算机科学技术研究所,北京100871;

Abstract: With concern of the current research results as well as the features of the demands for access control of the Web-based application system, the authors propose a context constraint access control theory model on the level of standard reference model, from the perspective of flexibility, generality, and feasibility, and elaborate on the theory of this model and the architecture of access control system. Then the authors give the description and modeling of the access control policy and defines the entities and relations in the model by using a XML-based policy specification grammar called X-Grammar. Finally the overall function description and structure design is given, and an engineering method to elicit and define context constraints is raised.

Key words: context constraint, access control policy specification, access control

摘要: 结合当前研究成果和自身实践中应用系统访问控制需求的特点, 从灵活、通用、易实现的角度和标准参考模型的高度提出了一种带上下文约束的访问控制理论模型, 阐述了该模型的理论以及基于模型的应用系统访问控制体系架构; 进而在理论模型和访问控制架构的基础上, 用一种基于 XML 的策略描述语法规范X-Grammar 对访问控制策略进行描述和建模, 给出了模型中各实体和关系的形式定义。最后讨论访问控制系统的设计与实现, 并给出了整体的功能描述和结构设计。

关键词: 访问控制策略描述, 访问控制, 上下文约束

CLC Number: