- 學位論文
在服務導向架構下的動態存取控制
Dynamic Access Control in Service-Oriented Architecture
若您是本文的作者,可授權文章由華藝線上圖書館中協助推廣。
摘要
在目前競爭激烈的企業環境下,快速的整合企業流程是非常重要的。服務導向架構即是針對此需求而產生的一種架構模型。採用服務導向架構來建構工作流程管理系統,透過與Web services的組合,可輕易的將異質系統作整合。克服在分散式系統中,造成整合困難的情形。由於工作流程系統在執行的過程中,會對某些資料進行存取。為了避免重要的資料被他人所竊取,加入了存取控制的機制來保護重要的資料。 本論文提出一種架構,針對在服務導向架構下達到動態存取控制。由於在工作流程處理邏輯中,會受到流程控制影響其流程的運作。針對此一特性,我們將工作流程的動態行為作描述。透過一轉換的程式,產生一個新的工作流程系統,可以動態地調整存取控制策略。在不更動到工作流程的整體結構下,產生其存取控制的策略,達到資料保護的目的。
並列摘要
It is very important to integrate business processes rapidly in the current competitive business environment. Service-oriented architecture is a structure model for this needs. Service-oriented architecture is used to construct a workflow management system through a combination of Web services can be easily be integrated heterogeneous systems. It overcomes the integrated problem in a distributed system. Because the workflow system executions in the process, certain information will be accessed. In order to avoid important information being stolen by others, and we join the access control mechanism to protect important information. This paper proposes a framework for service-oriented architecture to achieve dynamic access control. Because the workflow process logic, process control will be affected the operation of its processes. We describe the dynamic behavior of the workflow for the feature. Through a conversion program to generate a new workflow system that can dynamically adjust the access control policy. It doesn’t change the overall structure of the workflow, and the production of the policy can achieve the purpose of data protection.
參考文獻
[7]. OASIS, “Web Services Business Process Execution Language 2.0”, OASIS Standard, April 2007, http://www.oasis-open.org/committees/wsbpel.
[9]. Dr. Frank Leymann, “Web Service Flow Language (WSFL 1.0)”, May 2001.
[10]. Ravi Sandhu, David Ferraiolo and Richard Kuhn. “The NIST Model for Role-Base Access Control: Towards A Unified Standard”.
[14]. Roshan K. Thomas and Ravi S. Sandhu, “Task-based authorization controls (TBAC): a family of models for active and enterprise-oriented authorization management”, Proceedings of the IFIP WG11.3 Workshop on Database Security, 1997.
[20]. Peng Liu, Zhong Chen, “An Access Control Model for Web Services in Business Process”, Proceedings of the IEEE/WIC/ACM International Conference on Web Intelligence (WI’04), 2004.
延伸閱讀
- 蘇品長、陳文彬(2012)。適用於雲端環境下之動態服務存取方法。國防管理學報,33(2),1-14。https://doi.org/10.29496/JNDM.201211.0001
- 蘇品長、張嘉烈、沈家正(2017)。跨系統動態存取控制方法之探討。國防管理學報,38(1),11-20。https://www.airitilibrary.com/Article/Detail?DocID=10224858-201705-201706260015-201706260015-11-20
- Chen, T. S., Huang, Y. F., & Wong, Y. C. (1999). 使用者階級組織之動態存取控制問題. 大葉學報, 8(1), 39-47. https://doi.org/10.7119/JDYU.199906.0039
- Yao, L. J. (2006). 物件導向系統之有效率的動態記憶體配置器 [master's thesis, Tatung University]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0081-0607200917240667
- Bokhari, S. M. A., Habiba, U. E., Azam, F., & Abbas, M. (2015). Limitations of Service Oriented Architecture and its Combination with Cloud Computing. Bahria University Journal of Information & Communication Technologies, 8(1), 7-13. https://www.airitilibrary.com/Article/Detail?DocID=19994974-201504-201609020001-201609020001-7-13