本文選題：訪問(wèn)控制 + 電子政務(wù)　； 參考：《大連理工大學(xué)》2014年碩士論文

【摘要】：經(jīng)過(guò)幾十年的不斷發(fā)展,我國(guó)電子政務(wù)已經(jīng)初具規(guī)模,并且得益于國(guó)家的高度關(guān)注,目前正處于高速發(fā)展時(shí)期。但是,由于早期的無(wú)規(guī)劃、無(wú)組織建設(shè),導(dǎo)致了各部門、各單位建立的電子政務(wù)應(yīng)用系統(tǒng)之間無(wú)法互通互聯(lián)。而隨著時(shí)代的進(jìn)步,那些遺留下來(lái)的電子政務(wù)應(yīng)用系統(tǒng)越來(lái)越不能滿足公眾的服務(wù)需求。因此,人們嘗試運(yùn)用Web服務(wù)技術(shù)將遺留系統(tǒng)進(jìn)行整合或者重建,從而為公眾提供更加便捷、高效、優(yōu)質(zhì)的政務(wù)服務(wù)。 然而,在基于Web服務(wù)的電子政務(wù)系統(tǒng)中,Web服務(wù)本身的開(kāi)放性以及訪問(wèn)的主體和客體具備的動(dòng)態(tài)性,都給系統(tǒng)的安全性帶來(lái)了很大的安全隱患�，F(xiàn)有的訪問(wèn)控制技術(shù)難以保證基于Web服務(wù)的電子政務(wù)系統(tǒng)中訪問(wèn)授權(quán)的安全性和靈活性。 為了解決基于Web服務(wù)的電子政務(wù)系統(tǒng)的訪問(wèn)控制和授權(quán)管理問(wèn)題,分析了政府的組織結(jié)構(gòu)、基于Web服務(wù)的電子政務(wù)系統(tǒng)自身的特點(diǎn)以及訪問(wèn)控制特性,然后在深入研究基于組織的四層訪問(wèn)控制模型(OB4LAC)的基礎(chǔ)上,提出了基于組織的Web服務(wù)訪問(wèn)控制模型(WS-OBAC)。 WS-OBAC模型以組織為核心,從管理的視角研究訪問(wèn)控制與授權(quán)管理問(wèn)題。通過(guò)引入崗位代理和授權(quán)單元,授權(quán)會(huì)隨著環(huán)境上下文信息的變化而調(diào)整,實(shí)現(xiàn)了動(dòng)態(tài)授權(quán),同時(shí)利用授權(quán)單元的狀態(tài)遷移,對(duì)工作流模式提供支持。并且模型將權(quán)限分為服務(wù)權(quán)限和服務(wù)屬性權(quán)限兩級(jí),實(shí)現(xiàn)細(xì)粒度的資源保護(hù)。 同時(shí),本文還給出了WS-OBAC的管理模型(AWS-OBAC)對(duì)模型中涉及的崗位、角色、服務(wù)權(quán)限等元素之間的相互指派關(guān)系以及崗位和角色的層級(jí)關(guān)系進(jìn)行管理,并給出了形式化描述。 最后,探討了WS-OBAC模型在基于Web服務(wù)的電子政務(wù)系統(tǒng)中的應(yīng)用,對(duì)基于WS-OBAC模型的授權(quán)管理系統(tǒng)進(jìn)行了分析和設(shè)計(jì),并通過(guò)實(shí)際應(yīng)用案例驗(yàn)證了模型的科學(xué)性和實(shí)用性。 本文提出的WS-OBAC模型能夠很好的契合電子政務(wù)系統(tǒng)中的復(fù)雜組織結(jié)構(gòu),在保護(hù)Web服務(wù)資源的同時(shí),使得授權(quán)更加高效、靈活,從而為基于Web服務(wù)的電子政務(wù)系統(tǒng)建設(shè)的順利進(jìn)行保駕護(hù)航。
[Abstract]:After decades of continuous development, China's e-government has begun to take shape, and thanks to the country's high level of concern, is in a period of rapid development. However, due to the unplanned and unorganized construction in the early stage, the electronic government application systems established by various departments and units cannot be interconnected. Along with the progress of the times, those legacy e-government application systems can not meet the service needs of the public more and more. Therefore, people try to use Web services technology to integrate or rebuild legacy systems, so as to provide more convenient, efficient and high-quality government services for the public. However, in the E-government system based on Web services, the openness of web services and the dynamic nature of the subject and object of access bring a great security hazard to the security of the system. The existing access control technology is difficult to guarantee the security and flexibility of access authorization in the E-government system based on Web services. In order to solve the problems of access control and authorization management of E-government system based on Web service, the paper analyzes the organizational structure of government, the characteristics of E-government system based on Web service and the characteristics of access control. Then, based on the in-depth study of OB4LAC-based four-layer access control model, an organization-based Web services access control model is proposed. The WS-OBAC model focuses on organization and studies access control and authorization management from the perspective of management. By introducing post agent and authorization unit, authorization will be adjusted with the change of environment context information, and dynamic authorization can be realized. At the same time, the state migration of authorization unit is used to support workflow mode. The model divides the privilege into two levels: the service permission and the service attribute permission to realize the fine-grained resource protection. At the same time, the management model of WS-OBAC (AWS-OBAC) is given to manage the assignment relationship among the elements of the model, such as position, role, service authority, and the hierarchical relationship between posts and roles, and a formal description is given. Finally, this paper discusses the application of WS-OBAC model in E-government system based on Web service, analyzes and designs the authorization management system based on WS-OBAC model, and verifies the scientificity and practicability of the model through practical application cases. The WS-OBAC model proposed in this paper can fit well with the complex organization structure in the E-government system. It can protect the resources of Web services and make the authorization more efficient and flexible. Thus, it can guarantee the smooth construction of e-government system based on Web service.
【學(xué)位授予單位】：大連理工大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類號(hào)】：TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 張曉菲;許訪;沈昌祥;;基于可信狀態(tài)的多級(jí)安全模型及其應(yīng)用研究[J];電子學(xué)報(bào);2007年08期

2 洪帆,趙曉斐;基于任務(wù)的訪問(wèn)控制模型及其實(shí)現(xiàn)[J];華中科技大學(xué)學(xué)報(bào)(自然科學(xué)版);2002年01期

3 張志勇;楊林;馬建峰;普杰信;;基于可信計(jì)算的CSCW系統(tǒng)訪問(wèn)控制[J];華中科技大學(xué)學(xué)報(bào)(自然科學(xué)版);2008年01期

4 劉瓊波,施軍,尤晉元;分布式環(huán)境下的訪問(wèn)控制[J];計(jì)算機(jī)研究與發(fā)展;2001年06期

5 許峰 ,賴海光 ,黃皓 ,謝立;面向服務(wù)的角色訪問(wèn)控制技術(shù)研究[J];計(jì)算機(jī)學(xué)報(bào);2005年04期

6 王昌達(dá),鞠時(shí)光;BLP安全模型及其發(fā)展[J];江蘇大學(xué)學(xué)報(bào)(自然科學(xué)版);2004年01期

7 彭凌西;楊頻;彭銀橋;孫飛顯;曾金全;劉才銘;;使用控制訪問(wèn)模型的研究[J];計(jì)算機(jī)應(yīng)用研究;2007年09期

8 李大珊;電子政務(wù)與政府管理變革[J];技術(shù)經(jīng)濟(jì)與管理研究;2003年02期

9 王晉;舒寶淇;;芻議大數(shù)據(jù)時(shí)代的電子政務(wù)[J];新世紀(jì)圖書館;2013年07期

10 鄧集波,洪帆;基于任務(wù)的訪問(wèn)控制模型[J];軟件學(xué)報(bào);2003年01期

相關(guān)博士學(xué)位論文 前3條

1 羅鑫;訪問(wèn)控制技術(shù)與模型研究[D];北京郵電大學(xué);2009年

2 李懷明;電子政務(wù)系統(tǒng)中基于組織的訪問(wèn)控制模型研究[D];大連理工大學(xué);2009年

3 張惲;我國(guó)電子政務(wù)IT治理模式與過(guò)程研究[D];復(fù)旦大學(xué);2010年

，

本文編號(hào)：1821057