摘要
分析了电子采购系统身份认证的常用方式及应用;结合P2DR模型及其体系结构,得出动态身份认证P2DR安全模型;针对电子采购系统的安全需求,提出了基于P2DR的电子采购系统身份认证策略模型。该策略模型根据不同用户在电子采购不同阶段的不同安全需求,综合考虑政策、成本、业务范围等因素,动态调整电子采购系统身份认证形式,实现"安全、成本、效率"的动态平衡。
The modes and applications of identity authentication in common used E-Procurement System (EPS) are analyzed in this paper firstly. Then, the dynamic identity authentication policy model is acquired according to Policy, Protection, Detection, and Response (P2DR) model and architecture. Finally, the identity authentication policy model based on P2DR is proposed for the security requirement of EPS. Considering all kinds of factors such as policy, cost, working scope and so on, this policy model can adjust the modes of EPS dynamically and realize the homeostasis among "security, cost and efficiency" for different security requirements and users in each stage of e-procurement.
出处
《电子科技大学学报》
EI
CAS
CSCD
北大核心
2007年第6期1315-1318,共4页
Journal of University of Electronic Science and Technology of China
关键词
电子采购系统
身份认证
信息安全
策略
e-procurement system
identity authentication
information security
policy
