机构地区: 北京科技大学计算机与通信工程学院
出 处: 《计算机科学》 2009年第2期275-277,286,共4页
摘 要: 在整个"软件人"安全体系结构中,授权是给特定的委托人授予特定资源访问权的一种访问控制机制,有必要对其内涵和表示形式进行深入探讨。扩展了大多数现有Agent平台所依赖的Java授权语义,总结出包括正向授权在内的5种授权机制,并且设计了适应"软件人"应用场景的新的权限类型。通过对比优选出适合"软件人"策略表示的方案,提出了一种具有高扩展性和灵活性的基于策略的"软件人"授权模型。 Authorization model is a mechanism for those given consigners to visit and control their special resources in whole SoftMan security architecture, so it is necessary to go deep into its connotation and denotation. The paper extended the Java's authorization semantics which has been popularly used in many Agent platforms,and there are five kinds of authorization mechanisms including positive authorization. A new permission types and a policy presentation schema were designed which is exactly suitable for SoftMan scenarios. A kind of policy-based SoftMan authorization model with high scalability and flexibility was put forward.