This paper studied the XACML and Amazon Web Services cloud computing platform, identified the five properties such as time property、user property, action property requirements to support for the AWS based on XACML access control system design. Based on the data type of the AWS acceptable JSON, user information acquisition method to determine the system module:Collecting user information,user Information and divide attribute of XACML access control and JSON access control strategy, finally designed the system.%通过对XACML 和Amazon Web Services云计算平台的研究,确定了时间属性、用户属性、动作属性等5个属性需求用以支持针对AWS的基于XACML访问控制系统的设计,根据AWS可接受的数据类型JSON以及用户信息采集方法确定了3个基本的系统模块:用户信息采集,分属性用户信息及XACML访问控制策略和JSON格式访问控制策略,最终实现系统设计。
展开▼