期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于活动授权的组合Web服务业务流程动态访问控制模型研究

STUDY ON ACTIVITY AUTHORIZATION BASED DYNAMIC ACCESS CONTROL MODEL FOR COMPOSITE WEB SERVICES BUSINESS PROCESS
在线阅读 下载PDF
导出
摘要 业务流程访问控制机制是组合Web服务安全应用中的难点问题。针对现有研究不足,提出基于活动授权的Web服务业务流程动态访问控制模型AACBP(Activity Authorization Based Dynamic Access Control Model for BPEL4WS)。通过解除组织模型和业务流程模型间的耦合关系,AACBP将活动授权作为BPEL4WS(Business Process Expression Language for Web Services)活动访问控制实施的基本单元。依据活动实例动态感知上下文,AACBP细粒度约束活动访问授权,实现授权流与业务流程执行同步。最后给出AACBP模型在Web服务安全组合中的实施机制。 Business process access control mechanism is a difficult problem in composite web services security applications. Considering the deficiency in current researches,an Activity Authorization Based Dynamic Access Control Model for BPEL4WS( AACBP) is proposed. By dissolving the coupling relationship between the organization model and the business process model,AACBP utilizes activity authorization as the basic unit to implement BPEL4WS access control. Through the activity instances,the model implements fine-gained access control of the activities,and realizes the synchronization of authorization and business process execution. At last,the paper also describes the implementation architecture of AACBP model in web services secure composition.
作者 上超望 刘清堂 赵呈领 童名文
机构地区 华中师范大学信息与新闻传播学院
出处 《计算机应用与软件》 CSCD 北大核心 2014年第5期14-16,135,共4页 Computer Applications and Software
基金 国家"十二五"科技支撑计划课题(2012BAD35B02) 华中师范大学中央高校基本科研业务费资助项目(CCNU11A01042)
关键词 活动授权 组合WEB服务 业务流程 访问控制 Activity authorization Composite web services Business process Access control
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献11

  • 1宋巍,唐金辉,张功萱,马晓星.WS-BPEL服务可替换性分析[J].中国科学:信息科学,2012,42(3):264-279. 被引量:10
  • 2Hristo K.A Survey on Distributed Access Control Systems for Web Bus-iness Processes [ J ].International Journal of Network Security,2009,9(1):61-69.
  • 3Dat D H,Hye Y P,Chae K Kim.Service-Oriented Middleware Archi-tectures for Cyber-Physical Systems [ J].International Journal of Com-puter Science and Network Security,2011,12(1):80-89.
  • 4Alberto C,Silvio R,Luca V.Automated Validation of Security-Sensitive Web Services Specified in BPEL and RBAC [ C ]//IEEE International Conference on Symbolic and Numeric Algorithms for Scientific Compu-ting,2010:456-464.
  • 5Hicham B,Hatim H,Mahmoud N,et al.Towards a Context-Aware Composition of Services[ J ].International Journal of Computer Science and Network Security,2012,12(3):133-141.
  • 6Ding G Y.Role and Task-based Access Control Model for Web Service Integration [ J ].Journal of Computational Information Systems,2012,8(7):2681-2689.
  • 7Ganna M,Achim D,et al.Security and Safety of Assets in Business Processes [ C ]//Proceedings of the 27th Symposium on Applied Com-puting,2011:5-12.
  • 8Mark S,Jan M.Modeling process-related RBAC models with extended UML aetivity models [ J ].Journal of Information and Software Technolo-gy,2011,53(6):456-483.
  • 9Xin W,Yah C Z,et al.BPEL4RBAC:An Authorisation Specification for WS-BPEL[ C ]//Proc.of 2008 Web Information Systems Engineer-ing,2008:381-395.
  • 10David S. Allison,Miriam A. M. Capretz,Hany F. EL Yamany,Shuying Wang.Privacy Protection Framework with Defined Policies for Service-Oriented Architecture[J].Journal of Software Engineering and Applications,2012,5(3):200-215. 被引量:2

二级参考文献6

共引文献9

计算机应用与软件
2014年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部