计算机工程与设计
計算機工程與設計
계산궤공정여설계
COMPUTER ENGINEERING AND DESIGN
2010年
6期
1216-1218
,共3页
OA系统%权限管理基础设施%权限管理%属性证书%安全模型
OA繫統%權限管理基礎設施%權限管理%屬性證書%安全模型
OA계통%권한관리기출설시%권한관리%속성증서%안전모형
OA system%privilege management infrastructure%rights management%attribute certificate%security model
鉴于OA系统中的非授权用户非法操作和合法用户的越权操作,以及PKI的公钥证书(PKC)只能提供身份验证,无法实现权限管理等问题,提出了一种基于PMI(权限管理基础设施)权限管理的OA安全模型.该模型使用PKI的公钥证书和PMI的属性证书进行身份验证和权限管理,防止了非法和越权操作,授权更具公正性和权威性.实践结果表明,该安全模型可以解决OA系统中用户的非授权访问、不可否认性和数据文件的保密性、完整性等安全性问题.
鑒于OA繫統中的非授權用戶非法操作和閤法用戶的越權操作,以及PKI的公鑰證書(PKC)隻能提供身份驗證,無法實現權限管理等問題,提齣瞭一種基于PMI(權限管理基礎設施)權限管理的OA安全模型.該模型使用PKI的公鑰證書和PMI的屬性證書進行身份驗證和權限管理,防止瞭非法和越權操作,授權更具公正性和權威性.實踐結果錶明,該安全模型可以解決OA繫統中用戶的非授權訪問、不可否認性和數據文件的保密性、完整性等安全性問題.
감우OA계통중적비수권용호비법조작화합법용호적월권조작,이급PKI적공약증서(PKC)지능제공신빈험증,무법실현권한관리등문제,제출료일충기우PMI(권한관리기출설시)권한관리적OA안전모형.해모형사용PKI적공약증서화PMI적속성증서진행신빈험증화권한관리,방지료비법화월권조작,수권경구공정성화권위성.실천결과표명,해안전모형가이해결OA계통중용호적비수권방문、불가부인성화수거문건적보밀성、완정성등안전성문제.
In view of illegal operation of non-authorized users and the operation of ultra vires from the legitimate user in the OA system, as well as the public key certificate of the PKI can only provide authentication, but fights management can not be achieved and so on. A rights management security model is provided based on PMI for the OA system. The model uses public key certificate of PKI and attribute certificate of PMI for the authentication and fights management. It is effective to prevent illegal and ultra vires operation, and make autho-rization more impartial and authoritative. Practice shows that this security model can solve some security problems like non-authorized users access, non-repudiation, privacy and integrity of the data documents and so on in the OA system.
