Business process execution language (BPEL)-based secure access service integration modeling method
A technology for secure access and business integration, applied in the field of computer technology and information security, it can solve the problems of complex configuration, unfavorable use, and large development volume, and achieve the effect of strong flexibility and easy modification.
Active Publication Date: 2010-11-24
INST OF SOFTWARE - CHINESE ACAD OF SCI
View PDF2 Cites 17 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Its disadvantage is that the supported authentication mode is relatively simple, and the extension development needs to start from the code level, and the configuration is complicated and cumbersome, which is not conducive to use
Its shortcomings are that the management mechanism lacks loose coupling, does not conform to the componentized system development model, does not support remote call encapsulation mechanisms such as Web Service, and adopts a proprietary mechanism for policy formulation, lacking extensive support for various application scenarios , it is difficult to provide a general access control interface
Its shortcoming lies in the lack of interfaces and standards for effective integration with various cross-domain authentication mechanisms, and the application scenarios of integrating authentication, authorization, and auditing are not considered, and a complete security access implementation platform cannot be built.
[0007] Although the above projects adopt the form of middleware oriented to the development of proprietary security functions, their internal components and replaceability are still in the coarse-grained and single-level development stage, which cannot adapt to the tailoring and agility of enterprise applications for security function customization There are basically no platforms and methods for multiple development and free assembly for security developers or business designers
[0008] There are also some development kits designed to provide basic security technologies, such as Bouncy Castle Crypto, Crypto++, JSBN Crypto, IAIK Crypto, etc. These projects can provide comprehensive and rich cryptographic algorithm implementations, public key / property certificate generators, cryptography Relevant mathematical tools have been widely used in many actual systems as security infrastructure, but their two basic shortcomings are: the internal structure of the development kit is still relatively complicated, and the learning curve for professionals is still high; The assembly mode and development template cannot provide a functional interface directly oriented to business security, and the amount of later development is still relatively large
Moreover, the existing research on the security of application systems often first determines which security functions the system needs to ensure the security of the system, and then studies the realization of specific security functions. It rarely pays attention to the specific security transaction process. The security of individual security functions is Not enough to guarantee the overall security of the application system business
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0027] The present invention will be further described below through specific embodiments and accompanying drawings.
[0028] The development of information security common components is from the underlying infrastructure components to the middle functional facility components and then to the upper integrated service components, while the development of business processes is from the upper layer business modeling to the middle layer process analysis and then to the bottom layer service integration. These are developments in two different directions. The present invention uses BPEL arrangement to seamlessly combine component development and business process development to form a complete security business integration modeling model, such as figure 1 shown. The information security common component set is divided into three levels, from bottom to top: security infrastructure component technology layer, security function facility component layer and security integration service c...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more PUM
Login to view more Abstract
The invention provides a secure access service integration modeling method, which belongs to the technical field of information security. In the method, for a secure access service in a system, the secure access service comprises an authentication flow, an access control flow and a check flow; on the basis, a business process execution language (BPEL)-based secure access service flow is designed and implemented, related Web Service components are provided for the realization of specific functions for the detailed processing flows of authentication, access control and check in the secure access service flow, and interfaces between the secure access service and the Web Service components and exchange information between the service and a Web Service are realized by a BPEL. A service integrator can conveniently integrate conventional information security components and the Web Service by the BPEL, fast develop a set of applicable secure access service flow, and in addition, can fast replace the Web Service in the service flow so as to improve the development efficiency.
Description
technical field [0001] The invention belongs to the field of computer technology and information security, relates to an assembly and development mode of security service components, and more precisely embodies a BPEL (Business Process Execution Language)-based security access business integration modeling method. Background technique [0002] For a long time, the security function modules of most practical application systems are basically developed and realized by embedded business modules, and the coupling between security components and business components is too high. Whether it is procedural programming or object-oriented programming, the interaction between the two cannot be avoided. The characteristics of complex relationships and poor separation of functional logic; in addition, the security system involves fields such as authentication, authorization, access control, and responsibility identification. Further componentization and separation will result in fuzzy and...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more Application Information
Patent Timeline
Login to view more Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06F9/44
Inventor 冯登国王雅哲张立武周涛朱玉涛
Owner INST OF SOFTWARE - CHINESE ACAD OF SCI
Who we serve
- R&D Engineer
- R&D Manager
- IP Professional
Why Eureka
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Social media
Try Eureka
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap