

The Study on Techniques of Description and Collection of Active Web Pages Resources for Authorization Management

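【Summary】 To achieve fine-grained authorization and access control for dynamic (active) web page resources, and thereby fundamentally improve the security of web pages, the problem of collecting and describing resources must be solved first. Describing resources comprehensively, collecting them precisely, and organizing them sensibly brings considerable convenience to authorization management and lays the foundation for fine-grained authorization and access control. Set against the background of authorization management and addressing the special attributes of dynamic web page resources, this dissertation explores how to describe and collect dynamic web page resources at a fine granularity, and so provides an approach to fine-grained access control for them. The main work of this dissertation is as follows:

1. The state of research on dynamic web page resource management is analyzed in depth and systematically. Building on a study of dynamic web page development techniques, the authorization and access control problems of web page resources are analyzed in depth. Existing methods for describing web page resources and for collecting dynamic web page resources are examined in particular, and the main problems facing dynamic web page resource management within authorization management are identified.

2. A new definition of dynamic web page resources is given from the perspective of authorization and access control, and a unified description method suited to dynamic web page resources is designed. Based on the general-purpose Resource Description Framework (RDF) specification, description vocabularies are defined for dynamic web pages and for page elements respectively, reflecting their dynamic characteristics and their relationships to one another. The vocabulary fully captures the hierarchical structure of dynamic web page resources and can describe their characteristic attributes comprehensively and at a fine granularity, supporting flexible, simple authorization and fine-grained access control.

3. A system model for collecting dynamic web page resources for authorization management is proposed. The model uses Robot technology to traverse dynamic web pages and obtains their special attributes through data analysis and computation. The work focuses on methods for obtaining characteristic attributes of dynamic web pages such as page interaction parameters and the set of effective dynamic change factors. An algorithm for extracting the page elements of dynamic web pages is designed; it goes inside the page file to obtain the characteristic attributes of page elements, laying the foundation for fine-grained, comprehensive management of dynamic web page resources.

4. The concrete application of the proposed dynamic web page resource management method to authorization and access control is studied in depth. To meet the need for resource identification in authorization and access control, a method of identifying dynamic web page resources based on dynamic change factors is proposed, and on that basis a preliminary solution for access control of dynamic web page resources is given.

The application shows that the proposed description method for dynamic web page resources makes authorization more convenient and more flexible, simplifies authorization operations, and supports the formulation of high-precision, fine-grained authorization policies. Solving the identification problem for dynamic web page resources directly provides an effective approach and method for their access control.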

【Abstract】 To improve the security of web pages and to realize fine-grained authorization and access control of active web page resources, the collection and description of resources is the first problem to be solved. Collecting resources precisely and organizing them properly provides much convenience for authorization management and is the basis of fine-grained authorization and access control. Based on the special characteristics of active web pages, this dissertation studies the fine-grained description and collection of active web page resources in authorization management. The main work of this dissertation is as follows:

1. The present state of research on active web page resource management is analyzed in depth. Based on a study of active web page development techniques, the problems that exist in authorization and access control of web page resources are studied. The present methods of describing and collecting web page resources are analyzed, and the main problems of managing active web pages in authorization management are identified.

2. From the point of view of authorization and access control, a new definition of active web page resources is provided and a general method of describing active web pages is proposed. Based on the Resource Description Framework (RDF), the dissertation provides a general description method for active web page resources. This method defines the description schema for both active pages and elements, reflecting their active characteristics and their relationships with each other. It supports flexible and convenient authorization and fine-grained access control of resources.

3. A model for collecting active web pages in authorization management is proposed. Based on the Robot technique, the model extracts the special characteristics of active web pages by analysis and calculation. An algorithm for obtaining the parameters and valid changing factors of pages is provided, and a method of extracting the resource elements contained in pages is discussed.

4. The application of the proposed method to authorization and access control is analyzed. To meet the need for identifying resources, this dissertation designs a method of identifying the content of active web pages, and a preliminary solution for access control of active web pages is proposed.

The application demonstrates that the description method proposed for active web pages provides much convenience for authorization and simplifies the authorization operation. It supports fine-grained and precise authorization. Solving the problem of identifying active web pages directly provides a solution to the access control problem.

