With popularization of network application, access control in dismibuted environment has attracted increasing attention. As a new distributed computing model,inherent heterogeneity, opening and highly dynamic nature of Web services determine that it requires more fiexible,fine-gained and dynamic authorization mechanism. It is more and more unsuitable for existing access control models and mechanisms to meet the requirement of securing the services in the SOC environment. A dynamic access control model based on timeconstraint and context (TCDAC) was proposed in this paper. The model extends role-based access control. By introducing time-constraint and context concept,the authorization of access control is related with time,and access control decision can be made dynamically according to context information. It improves the security of resoutrce access,and satisfies the demands of service-oriented system for dynamic access control.%随着网络应用的普及,分布式环境中的访问控制受到越来越多的关注.Web服务作为一种新型的分布式计算模式,其动态、开放、异构的特点决定其需要更加灵活、细粒度的动态授权机制.目前的访问控制模型越来越不能满足面向服务计算环境的安全需求.提出了一个基于时间约束和上下文的动态访问控制模型TCDAC.该模型对基于角色的访问控制进行扩展,引入时间约束和上下文的概念,使访问控制的授权与时间有关,并能根据上下文信息动态地做出访问控制决定,提高了访问控制的安全性,满足了面向服务系统访问控制对动态性的需求.
展开▼
