在Web资源访问控制中,利用可扩展标记语言(XML)来改进授权管理基础设施(PMI)的属性证书(AC),替代ASN.1的证书编码方式,加快了证书的解码速度,提高了PMI的效率,也使系统具有良好的可扩展性.访问控制主要采用基于角色的访问控制(RBAC)思想,将属性证书分为角色分配证书和角色规范证书,实现策略方便灵活,利于实现细粒度的访问控制.%Using XML which replace of ASN. 1 coding mode to improve attribute certificate (AC) of PMI. It quickens the speed of AC decodification, improve the efficiency of privilege management infrastructure (PMI), and makes the system more expansible. RBAC is the most access control method. The AC is divided to role specification certificate and role assignment certificate. It implements policy more flexible and can achives more careful access control of Web resource.
展开▼