计算机科学 ›› 2014, Vol. 41 ›› Issue (7): 102-104.doi: 10.11896/j.issn.1002-137X.2014.07.020
上超望,刘清堂,赵刚,童名文
SHANG Chao-wang,LIU Qing-tang,ZHAO Gang and TONG Ming-wen
摘要: 业务流程访问控制机制是Web服务组合应用中的难点。针对现有BPEL4WS安全访问控制研究的不足,提出面向活动的BPEL4WS动态访问授权模型(ADABM)。通过解除组织模型和业务流程模型间的耦合关系,ADABM将BPEL4WS访问权限约束细化到活动一级,用户只在流程执行会话期的活动符合安全需求的情况下才拥有Web服务的访问授权,授权随着业务流程上下文动态授予和收回,授权流与业务流同步执行。文中最后还给出ADABM模型在Web服务安全组合应用中的实施框架。
[1] 宋巍,唐金辉,张功萱,等.WS-BPEL服务可替换性分析[J].中国科学:信息科学,2012,2(3):264-279 [2] Ahmed A.A compliance management framework for BusinessProcess models[D].Potsdam:University of Potsdam,2010 [3] Kristof G.Adaptive workflow composition in service-based systems[D].Leuven:Katholieke University,2012 [4] Manuel M,vNicola D.Implementing workflow reconfiguration in WS-BPEL[J].Journal of Internet Services and Information Security,2012,2(2):73-92 [5] Roman K.Provision of service level agreements in human-enhanced service-oriented computing environments[D].Vienna:Vienna University of Technology,2012 [6] Zahra D,Behrouz T L.A model for specification,compositionand verification of access control policies and its application to web services[J].Journal of Information Security,2012,3(2):103-120 [7] Mark S,Jan M.Modeling process-related RBAC models with extended UML activity models[J].Information and Software Technology,2011,53(2):456-483 [8] Yu Ding-guo.Role and task-based access control model for web service integration[J].Journal of Computational Information Systems,2012,8(7):2681-2689 [9] Ganna M,Achim D,et al.Security and Safety of Assets in Business Processes[C]∥Proceedings of the 27th Symposium on Applied Computing.2011:05-12 [10] Wang Xin.A framework to manage message level authorization in service oriented collaborative business processes[D].Melbourne:Victoria University,2010 [11] Bertino E,Martino D L,et al.Security for Web services and service-oriented architectures[M].Berlin:Springer,2010:170-175 [12] 上超望,刘清堂,等.组合Web服务访问控制技术研究综述[J].计算机科学,2011,2(3):264-279 [13] Allison D S, Miriam A M,Capretz H F,et al.Privacy Protection Framework with Defined Policies for Service-Oriented Architecture[J].Journal of Software Engineering and Applications,2012,9(5):200-215 [14] Thuemmler C,Fan L,et al.E-Health:Chances and Challenges of Distributed,Service oriented Architectures[J].Journal of Cyber Security and Mobility,2012,1(1):37-52 [15] Mohsen R.Security analysis for web services compositions [J].International Journal of Scientific & Engineering Research,2012,3(5):1-8 |
No related articles found! |
|