【摘要】：隨著電子商務(wù)、電子政務(wù)以及各種電子科技的迅猛發(fā)展,人們的生活和工作越來越離不開互聯(lián)網(wǎng),互聯(lián)網(wǎng)的普及已經(jīng)完全改變了人類的交往和交流方式,人們通過Web服務(wù)資源進(jìn)行交流的同時(shí)由于其本身固有的開放性和共享性,也為人們在網(wǎng)絡(luò)中的交流帶來了潛在的風(fēng)險(xiǎn)。訪問控制是保障Web服務(wù)安全的一個(gè)重要的方面,能夠使Web服務(wù)資源更安全、有效、合法、受控的被請求者訪問。本文在研究了傳統(tǒng)的信任機(jī)制及訪問控制方法的基礎(chǔ)上,針對當(dāng)前引入了信任機(jī)制的訪問控制模型所存在的信任度表征形式單一、沒有對用戶主觀貪婪欲加以限制等問題,提出一種基于多維信任度的訪問控制方法,并將該方法運(yùn)用到路由監(jiān)測系統(tǒng)中。本文主要進(jìn)行了以下幾方面的工作:1、對本文研究的背景及意義以及在Web服務(wù)下訪問控制的國內(nèi)外研究現(xiàn)狀進(jìn)行了綜述。2、對本文所需要用到的關(guān)鍵技術(shù)進(jìn)行了研究,包括Web服務(wù)的相關(guān)特征及安全性分析、訪問控制技術(shù)以及信任機(jī)制技術(shù)等,并對相關(guān)技術(shù)進(jìn)行對比。3、針對于現(xiàn)有的基于信任度的訪問控制模型的不足,提出了一種多維信任度的訪問控制方法,通過客體在系統(tǒng)中的信譽(yù)值及需求度的變化對其進(jìn)行動態(tài)授權(quán),更新其在系統(tǒng)中的權(quán)限范圍。闡明了本文模型的原理、多維信任度的構(gòu)造計(jì)算方法及信任度動態(tài)更新并給出具體的計(jì)算公式與模型邏輯流程并進(jìn)行了仿真驗(yàn)證。4、將本文所提的訪問控制方法應(yīng)用于某路由監(jiān)測系統(tǒng)中,設(shè)計(jì)并實(shí)現(xiàn)了支持多維信任的訪問控制的路由監(jiān)測系統(tǒng),同時(shí)對路由監(jiān)測系統(tǒng)中的管控模塊進(jìn)行詳細(xì)設(shè)計(jì),然后對管控模塊中的訪問控制子模塊進(jìn)行了詳細(xì)的功能、流程設(shè)計(jì)并對其進(jìn)行了實(shí)現(xiàn)。5、根據(jù)已完成的設(shè)計(jì)方案,對路由監(jiān)測系統(tǒng)進(jìn)行環(huán)境搭建,并對訪問控制子模塊進(jìn)行系統(tǒng)測試,得出測試結(jié)果并進(jìn)行分析。
[Abstract]:With the rapid development of e-commerce, e-government and various electronic technologies, people's life and work are becoming more and more inseparable from the Internet. The popularity of the Internet has completely changed the way human beings communicate and communicate. At the same time, because of its inherent openness and sharing, people communicate through Web service resources, which also brings potential risks to people's communication in the network. Access control is an important aspect to ensure the security of Web services, which can make Web service resources more secure, effective, legitimate and controlled access to the requested party. On the basis of studying the traditional trust mechanism and access control method, this paper aims at the problems of single trust representation and no restriction on users' subjective greed in the current access control model which introduces trust mechanism. An access control method based on multidimensional trust is proposed and applied to routing monitoring system. The main work of this paper is as follows: 1. The background and significance of this study and the research status of access control under Web services at home and abroad are reviewed. 2, the key technologies needed in this paper are studied. Including the related characteristics and security analysis of Web services, access control technology and trust mechanism technology, and compare the related technologies. 3, aiming at the shortcomings of the existing access control model based on trust. In this paper, a multi-dimensional trust access control method is proposed, which dynamically authorizes the object through the change of reputation value and demand degree in the system, and updates its authority range in the system. The principle of the model, the construction and calculation method of multi-dimensional trust degree and the dynamic update of trust degree are expounded, and the concrete calculation formula and model logic flow are given and verified by simulation. The access control method proposed in this paper is applied to a routing monitoring system, and a routing monitoring system supporting multi-dimensional trust access control is designed and implemented. At the same time, the control module in the routing monitoring system is designed in detail. Then the access control sub-module in the control module is designed in detail, and the process is designed and implemented. 5. According to the completed design scheme, the environment of the routing monitoring system is built. The access control sub-module is tested systematically, and the test results are obtained and analyzed.
【學(xué)位授予單位】：北京郵電大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2017
【分類號】：TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前4條

1 劉武;段海新;張洪;任萍;吳建平;;TRBAC:基于信任的訪問控制模型[J];計(jì)算機(jī)研究與發(fā)展;2011年08期

2 賀正求;吳禮發(fā);洪征;王睿;李華波;;Web服務(wù)安全問題研究[J];計(jì)算機(jī)科學(xué);2010年08期

3 李明楚;楊彬;鐘煒;田琳琳;江賀;胡紅鋼;;基于反饋機(jī)制的網(wǎng)格動態(tài)授權(quán)新模型[J];計(jì)算機(jī)學(xué)報(bào);2009年11期

4 胡建理;吳泉源;周斌;劉家紅;;一種基于反饋可信度的分布式P2P信任模型[J];軟件學(xué)報(bào);2009年10期

相關(guān)碩士學(xué)位論文 前1條

1 郭曉晶;Web服務(wù)安全策略研究[D];西安電子科技大學(xué);2009年

，

本文編號：2496593