资源受限环境对认证和授权提出了轻载性、灵活性、基于局部条件的访问策略和端到端的安全性等更复杂的要求.应用实例分析表明,基于OAuth 2.0扩展的授权架构适合于受限环境安全需求,它将资源花销较大的授权决策工作外包给资源不受限的可信第三方节点,而授权决策的执行和局部条件的评估则由受限设备来处理,可提高认证和授权的灵活性和细粒度性.%The resource-constrained environments proposed the more complicated needs of lightweight, flexibility, access policies based on local conditions and end-to-end security for the authentication and authorization mechanisms.The application example analysis indicated that the extended OAuth 2.0 authorization framework can satisfy the security requirements for constrained environments.The proposed framework outsources authorization decision making to an unconstrained, trusted third party while performing authorization decision enforcement and verification of local conditions in constrained devices, which can improve the flexibility and fine-grained of authorization framework.
展开▼