
Research on EIS Access Control Technology Oriented to Multi-Viewpoint Design

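【Author】 Yang Ximin (杨喜敏)

【Advisors】 Xie Changsheng (谢长生); Cao Qiang (曹强)

【Author information】 Huazhong University of Science and Technology, Computer System Architecture, 2010, Ph.D.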

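【Summary】 Information is a core, critical resource of the modern enterprise. Enterprises need to store massive amounts of information, and they also need to manage it effectively, efficiently, and securely. As the enterprise's resource management platform, the enterprise information system is one of the infrastructures on which a modern enterprise relies to gain competitive advantage. The fundamental problem in using computers effectively for information resource management lies in the method by which information systems are produced. Despite a large body of related research, the low success rate of enterprise information system projects has still not been satisfactorily resolved, and information system architecture remains far from the maturity the industry desires.

Enterprise information system development is a process of design, implementation, operation, and maintenance in which multiple stakeholder groups take part. Because stakeholder groups differ in their points of interest in the target system, and because the techniques, languages, and modeling tools they use are diverse, inconsistencies arise among stakeholder models, which seriously hinders mutual understanding and communication both between stakeholder groups and among the members within a group. Current research on enterprise information systems and their architectures generally treats access control as an auxiliary service rather than as a core element of the architecture, so the system architecture itself lacks sufficient security assurance. Moreover, these access control techniques control only a subject's ability to access an object and place no restriction on the scope of access to the object's resources, so object resources may be leaked.

To address the problem of guaranteeing consistency in multi-viewpoint design, and on the basis of a systematic analysis of the complexity of enterprise information systems, the Entity-Controlled Based Information System Architecture Framework (ECBISAF) is proposed. ECBISAF takes "resource management" as the common point of interest of the stakeholder groups and a globally consistent "entity management relationship" as the representation pattern for stakeholder models. It establishes the relationships between stakeholder model clusters and between the models of stakeholder group members, and gives rules for judging model consistency. A comparative analysis against other information system architecture frameworks based on multi-viewpoint design shows that ECBISAF not only guarantees the consistency of multi-viewpoint architecture design, but also converts directly between models without any intermediate model.

To address the security of enterprise information resources, an Entity-Controlled-Based Access Control model (ECBAC), oriented to entity management, is established. Unlike other access control models, which organize users' capabilities for action at the management level, ECBAC emphasizes who should exercise the management duties for enterprise information resources, and how. Throughout the resource management process, ECBAC uses a well-developed mechanism of availability constraints on subjects, duties, and object resources to control, both statically and dynamically, a subject's ability to manage an object and the scope of the subject's access to the object's resources. Relative to the object-level granularity of security objects in other access control techniques, ECBAC is a finer-grained access control model.

Based on ECBISAF and ECBAC, a security-rule-driven enterprise information system architecture, SRDEISA, is designed. As an entity management pattern, SRDEISA defines a representation schema for security rules that uniformly encapsulates the organizational structure, management, and migration policies of controlled entities, so that entity business scheduling and migration are handled automatically. Experimental and performance analysis results show that SRDEISA effectively reduces the workload of system development and improves the maintainability and manageability of the target system, achieving system-level platform reuse in addition to the reuse of software entities.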

【Abstract】 Information is the key resource of the modern enterprise, and its mass of information must be stored and managed effectively, efficiently and securely. As a resource management platform, the Enterprise Information System (EIS) is one of the infrastructures by which a modern enterprise can obtain competitive advantage. For managing resources effectively with computers, the EIS development method plays an essential role. However, most EIS projects are still not as successful as expected, and Information System Architecture (ISA) is far behind the maturity the industry desires.

In any large-scale distributed EIS design, different people with different interests are involved. These people, called stakeholders, have their own views on the EIS design, for which they use their own modeling languages, techniques, and tools. The differences and variety among stakeholder models keep stakeholders from understanding and communicating with one another. During the past few years, EIS development methods have treated access control as an auxiliary service, not as a core component of the architecture. Therefore, the EIS architecture is not secure enough in itself. In addition, these access control technologies only restrict the rights by which a subject can access an object. This raises the risk of divulging the object's data, because an authorized subject can access the whole dataset the object owns.

To address consistency among stakeholder models, we analyze the complexity of EIS and propose an ISA framework called the Entity-Controlled Based Information System Architecture Framework (ECBISAF). In ECBISAF, "resource management" is established as a common point of interest, and the "entity managing model" serves as a globally unified perspective for stakeholders' views. To help produce a coherent and consistent design, the relationship between model clusters and that between the models of a stakeholder group's members are built, and rules for judging model consistency are also given. Compared with other frameworks that employ multi-viewpoint design, ECBISAF not only guarantees consistency in the multi-viewpoint design, but also supports direct inter-conversion between models without any intermediate model.

After that, ECBAC (Entity-Controlled-Based Access Control), an access control model, is proposed to resolve the problem of information resource security. Unlike other access control techniques, which structure users' actions at the management level, ECBAC is oriented to entity management and focuses on who should perform the duties of information resource management, and how. ECBAC provides a complete constraint mechanism for subject identification, duty acquisition and object resource access, so it can protect information resources statically and dynamically during the whole management process. Compared with other access control techniques, ECBAC achieves finer-grained control of resource access.

Finally, a security-rule-driven EIS architecture (SRDEISA) is proposed based on ECBISAF and ECBAC. SRDEISA provides a schema of security rule representation to uniformly encapsulate the policies for structuring, managing and transferring controlled entities. The results of experiments and performance analysis show that SRDEISA can reduce the workload of system development and increase the maintainability and manageability of the target system. In addition, it achieves not only reuse of software entities, but also system-level platform reuse.
