中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 软件所图书馆  > 期刊论文
Subject: Computer Science
Title:
基于服务构件集成的安全访问业务建模方法
Alternative Title: on modelling secure access business based on integration of service components
Author: 朱玉涛 ; 王雅哲 ; 武传坤
Keyword: Common security technology ; Integration of security service components ; Aspect-oriented programming(AOP) ; Business process execution language(BPEL) ; Security access business process
Source: Computer Applications and Software
Issued Date: 2012
Volume: 29, Issue:2, Pages:1-4,12
Indexed Type: cscd,cnki,wanfang
Department: 朱玉涛, 中国科学院软件研究所, 信息安全国家重点实验室;;信息安全共性技术国家工程研究中心, 北京 100190, 中国. 王雅哲, 中国科学院软件研究所, 信息安全国家重点实验室;;信息安全共性技术国家工程研究中心, 北京 100190, 中国. 武传坤, 中国科学院软件研究所, 北京 100190, 中国.
Abstract: 提出共性安全构件的概念以及基于服务构件集成的安全访问业务建模方法:从业务建模角度按照自顶向下的模式,对安全访问流程中相关的业务模块进行抽离,利用 BPEL针对身份认证、访问授权和审计认定三类安全服务构件,设计了一个完整的安全业务访问控制流程;从安全开发经验角度按照自底向上的模式,搭建共性安 全构件三层体系平台,并将软件工程中的AOP和D I思想引入到构件组装开发过程中,实现根据具体场景的、可定制的配置型开发。最后利用服务构件搭建安全认证系统并与CAS、OpenID进行性能测试,分 析基于服务构件的安全访问业务建模方法的可用性。
English Abstract: The concept of common security components and the method of modelling secure access business based on integration of services components are presented.From the perspective of business modelling and according to top-to-bottom mode,it detaches relevant business modules from secure access process,and uses BPEL to bind the Authentication Service Components,Authorisation and Control Service Components and Audit Service Components into a complete process of secure business access control.From the perspective of experience of security development and according to bottom-to-top mode,it builds a three-tier architecture of common security components and introduces the advanced software design patterns such as Aspect-Oriented Programming and Dependency Injection into the development of components assembly,which achieves the application-related,customisable and configurable development.At last,a security authentication system is constructed using services components and a performance test on it is conducted together with CAS and OpenID,and the analysis on the availability of the method this paper proposed is made as well.
Language: 中文
Content Type: 期刊论文
URI: http://ir.iscas.ac.cn/handle/311060/14673
Appears in Collections:软件所图书馆_期刊论文

Files in This Item:
File Name/ File Size Content Type Version Access License
基于服务构件集成的安全访问业务建模方法.pdf(951KB)----限制开放 联系获取全文

Recommended Citation:
朱玉涛,王雅哲,武传坤. 基于服务构件集成的安全访问业务建模方法[J]. Computer Applications and Software,2012-01-01,29(2):1-4,12.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[朱玉涛]'s Articles
[王雅哲]'s Articles
[武传坤]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[朱玉涛]‘s Articles
[王雅哲]‘s Articles
[武传坤]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2019  中国科学院软件研究所 - Feedback
Powered by CSpace