Research and Design of an RBAC-Based PMI
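Abstract
Public Key Infrastructure (PKI), based on the ITU X.509 certificate standard, has over the past few years become an indispensable security support system and technical specification for network applications such as e-commerce and e-government. However, as network applications continue to expand and deepen, merely establishing a user's identity, that is, knowing "who he is", no longer meets the requirements of a secure system; new means are also needed to further determine "what he can do" in order to carry out privilege management and access control. The concept of Privilege Management Infrastructure (PMI) arose in response.
     The main part of the thesis consists of the following chapters. Chapter 2 introduces the concepts and fundamentals of e-government and cryptographic theory. Chapter 3 studies and analyses the relevant PMI standards, its basic components and important models, and compares the connections and differences between PMI and PKI. Chapter 4 first analyses the application requirements of RBPMI, which is based on role-based access control (RBAC), then designs the overall system framework, describes its workflow in detail, and focuses on the research and design of the access control mechanism, the authorization mechanism and the certificate structure. It finally discusses the mechanisms for certificate revocation and update. Chapter 5 is the conclusion.
     On the basis of a thorough understanding of the relevant PMI standards and existing models, the author proposes a privilege management model of the author's own, which unifies access control and privilege management. The work was completed against a background in which China, particularly in the e-government field, has no explicit relevant specifications or unified standards. It therefore has some theoretical value and practical significance for future research and application in this field.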
Public Key Infrastructure (PKI) based on the ITU-T X.509 standard has become an indispensable security support system and technical specification for network applications such as e-business and e-government in the past few years. However, with the rapid growth of the Internet, it is not sufficient merely to authenticate communicating parties, that is, to know who they are. Besides recognizing a remote party's identity, we also need to know what actions it may perform. Thus, we need an authorization mechanism. Privilege Management Infrastructure (PMI) enables authorization after authentication has occurred.
    This thesis is organized as follows. Chapter 2 introduces the relevant theories of e-government and cryptography. Chapter 3 presents the basic ideas of PKI and PMI, and provides a comparison between them. Based on role-based access control and attribute certificates, an improved PMI model (RBPMI) is proposed in Chapter 4. First we summarize the performance-related requirements that RBPMI has to fulfill. Then the architecture and workflow are explicitly described. We emphasize the research and design of the access control mechanism, the authorization scheme and the certificate structure. Finally we discuss the mechanisms of certificate revocation and freshness. Chapter 5 presents the conclusion and proposes further work.
    Based on the theory of PMI, this paper gives a revised privilege management model to implement access control and privilege management. It was accomplished under the condition that there are no explicit related specifications and standards in our country, especially in e-government. It might be helpful to further research and application in this area.
