计算机科学 ›› 2014, Vol. 41 ›› Issue (6): 104-107.doi: 10.11896/j.issn.1002-137X.2014.06.021
李冬辉,张斌,费晓飞,刘洋
LI Dong-hui,ZHANG Bin,FEI Xiao-fei and LIU Yang
摘要: 针对多值属性分量的XACML策略和策略请求之间的匹配需求,分析多值属性策略匹配中策略规则与请求匹配时两者的对应属性关系,依据属性之间的包含关系和权限蕴含关系,给出3个关于策略匹配的定理并加以证明。根据策略匹配的定理,提出多值属性匹配算法。最后进行实验验证,结果表明该算法能够提高多值属性分量策略的匹配效率。
| [1] OASIS.Extensible Access Control Markup Language (XAC-ML) V3.0[EB/OL].http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-cd-1-en.pdf.April,2009 [2] 李晓峰,冯登国,何永忠.XACML Admin中的策略预处理研究[J].计算机研究与发展,2007,4(5):730-736 [3] Bertolino A,Daoudagh S,Lonetti F.Automatic XACML re-quests generation for policy Testing[C]∥2012IEEE Fifth International Conference on Software Testing,Verification and Validation,2012,185:842-849 [4] Liu A X,Fei Chen.Designing Fast and Scalable XACML Policy Evaluation Engines[J].IEEE Transactions on Computers,2011,2(60):1802-1816 [5] Butler B,Jennings B,Botvich D.An experimental testbed topredict the performance of XACML Policy Decision Points [C]∥12th IFIP/IEEE International Symposium on Integrated Network Management.2011:353-360 [6] Marouf S,Shehab M.Statistics and Clustering Based Framework for Efficient XACML Policy Evaluation [C]∥IEEE International Symposium on Policy for Distributed Systems and Networks.2009,36:118-125 [7] 谢辉.基于UCON改进模型的授权管理关键技术研究[D].郑州:解放军信息工程大学,2009:53-58 [8] 陈伟鹏,王娜娜.基于XACML的策略评估优化技术的研究[J].计算机应用研究,2013,0(3):900-905 [9] Jajodia S,Samarati P,Subrahmanian V S.A logical language for expressing authorizations [C]∥Proceedings of the 1997IEEE Symposium on Security and Privacy.Los Alamitos,California,USA,1997:31-42 [10] 王雅哲,冯登国.一种XACML规则冲突及冗余分析方法[J].计算机学报,2009,2(3):516-527 [11] Sun Microsystems Inc.Sun XACML Policy Engine.http://sunxacml.sourceforge.net/guide.html |
| No related articles found! |
|
||
首页