文献类型：期刊文献

中文题名：网格身份认证和细粒度访问控制模型的研究与设计

英文题名：The Study and Design of Identity Authentication and Detailed Access Control Model in Grid

作者：刘洪发[1];樊月华[2];任成梅[2]

第一作者：刘洪发

机构：[1]北京联合大学信息网络中心;[2]北京联合大学管理学院

第一机构：北京联合大学信息网络中心

年份：2007

卷号：21

期号：2

起止页码：45-48

中文期刊名：北京联合大学学报

基金：北京市教育委员会面上项目(KM200411417017)

语种：中文

中文关键词：网格安全;认证模型;访问控制

外文关键词：network security; identity authentication model; access control

摘要：网格是继因特网(Internet)、万维网(Web)之后,互联网发展的第三个里程碑。网格系统具有数据量大、地理上分布、数据库结构异构、其应用环境网络化、用户人数众多、分散的特点。开放的网络环境对信息的传输没有足够的安全保证。网格系统的安全问题已经成为网格研究的热点问题,国内外研究机构正在对网格安全问题进行广泛的研究。身份认证和访问控制机制是网格安全的重要研究方面,产生了集中式层次认证模型、混合交叉认证模型等网络安全认证模型。这些方法都存在各种各样的缺陷,如证书管理复杂,路经选择困难,不能进行细粒度的访问控制等。探讨在网格环境中跨域身份认证和细粒度访问控制系统方面,提出了基于多种认证组合和资源代理的网格身份认证及访问控制模型,通过混合身份认证和票据交换达到身份认证的及时性、有效性和细粒度资源控制,在用户数量大、更新频繁的情况下,达到系统响应速度快的要求。
Grid is the third milestone of Internet following Internet and Web. The distinguishing features of Grid are normally as followings： huge data, wide coverage and large users. Within the open network environment it is unsecured. The security of grid is an important aspects in which a lot of studies have been done. User Certification or access control is an important area in grid security study. Some proposals are developed, such as hierarchical structure authenticate model, cross authenticate model etc. There are some disadvantages in each of the models, for instance, it is complicated in certification management, in route match to find the certification and it can not be manage the access control in detailed mode. This study focuses on a cross area certification and access control in detailed mode in grid. A model for user certification authenticate authenticate method and ticket exchange, in grid based on multi authenticate methods is proposed Through multi this model can get access control in more detail with more efficiency