• 论文 •    

面向服务的企业集成体系中信息安全模型研究

程  渤,浮花玲,杨国纬,庹先国   

  1. 1.电子科技大学 计算机科学与工程学院, 四川  成都  610054;2.成都理工大学 信息工程学院,四川  成都  610059
  • 出版日期:2005-08-15 发布日期:2005-08-25

Research on information security model for services oriented enterprise integration architecture

CHENG Bo, FU Hua-ling, YANG Guo-wei, TUO Xian-guo   

  1. 1.Sch. of Computer Sci. & Tech., Univ. of Electronic Sci.& Tech. of China, Chengdu  610054, China;2.Sch. of Info. Eng., Chengdu Univ. of Tech., Chengdu  610059, China
  • Online:2005-08-15 Published:2005-08-25

摘要: 为了解决面向服务的企业集成体系中的信息安全问题,提出了建立在面向服务的分布式J2EE企业集成平台上的可伸缩信息安全机制。该机制实现了基于可扩展标记语言规范扩展的简单对象访问协议加密和数字签名机制,建立了基于多角色和授权随工作流中任务实例变迁而变化的动态访问控制模型,并实现了多角色定制、动态任务授权以及多角色之间的授权和认证等关键技术。通过可伸缩信息安全机制,用户可以动态、安全地进行企业集成体系中系统的访问。最后,给出了可伸缩信息安全机制在电力系统企业集成体系中的信息安全解决方案。

关键词: 服务, 企业集成体系, 多角色, 工作流任务变迁, 动态访问控制, 可伸缩信息安全

Abstract: To solve the information security of integrated enterprise for the service-oriented architecture, a flexible service-oriented information security mechanism constructed on the distributed J2EE(Java to enterprise edition) enterprise integration platform was proposed. On the one hand, the implementation of the Simple Object Access Protocal (SOAP) encryption and signature based on the extended eXtensible Markup Language(XML) specifications in the security mechanism were acheived. On the other hand, the multi-roles and task instances migration based dynamic secure access control model was built, and key implementation technologies were also described in detail which including multi-roles customization, dynamic tasks authorization, and the authorization and authentication among multi-roles. In the end, a security solution schema on how to apply the flexible information security mechanism into the power enterprise integration environment was provided.

Key words: services, enterprise integrated architecture, multiples roles, migration of workflow task instances, dynamic access control, flexible information

中图分类号: