摘要
以XML文档的特殊结构为基础,将加密与访问控制结合起来,提出了一个访问控制模型(AccessControlModel,ACM)。根据访问控制模型,按照主机角色及其特点、主机角色间的关系和访问控制策略库(AccessControlBase,ACB),设计了XML文档分组加密算法,产生密钥对照表,进行密钥分配与管理,将依据一个或多个密钥对XML文档解密的任务交给主机,减轻服务器的负担;根据访问控制策略对主机的访问权限进行时间限制,在访问控制模型的基础上提出依据访问控制权限,将加密后的XML文档安全传送给不同级别主机,并进行安全检查的方法。
Extcnsible Markup Language (XML) has become the standard for data interchange on the Internet. In this paper, based on the special structure of XML documents, an access control model (ACM) was brought forth. According to this access control model and different roles of hosts, their characteristics, their relationships and access control base (ACB), an algorithm of grouping and encrypting XML documents was designed. Key-collation table was created and keys were distributed and managed. Hosts use one or more keys to decrypt XML documents and the server is set free. The access of hosts is temporally controlled by ACB. On the basis of access control model, the method of transmitting securely XML documents encrypted according to access control privileges, to hosts of different grades, and the method of security check-up were put forward.
出处
《计算机应用》
CSCD
北大核心
2006年第5期1061-1063,共3页
journal of Computer Applications
关键词
XML
访问控制
粒度
加密
XML
access control
granularity
encryption
