In order to solve the security problem of resource access control in the grid environment, this paper presents an access control model based on XACML and SAML, which through analyzing the XACML and SAML. The model describes authorization policy about access control by XACML, the SAML assertion is used to exchange user' s authentication and authorization information. The model provides security and fine-grained access control, the frame ensure flexibility and extensibility of the model.%为了解决网格环境下资源访问控制存在的安全性问题,通过分析可扩展访问标记语言XACML、安全声明标记语言SAML及其相关技术,提出了一个基于XACML和SAML的访问控制模型.模型采用可扩展访问标记语言XACML描述访问控制的授权策略,以SAML声明为载体传递用户认证和授权信息,提供安全、细粒度的访问控制,具有较高的灵活性和可扩展性.
展开▼
