| Summary: | 碩士 === 國立臺灣科技大學 === 機械工程系 === 91 === The eXtensible Access Control markup Language (XACML) is an XML access policy descriptive language proposed by OASIS in Dec. 2002.
XACML, based on the Object-Oriented concept, can provide a solution in degree of freedom on Subject—Access right—Condition by completely describing the problem domain of access control.
XML document prosses the property of attribute and element.Furthermore, the standard of XACML is just suitable for solving the problem of Fine-grained access control coming along with XML document.
Studies concerning the access control mostly focus on the improvement and application of access control policy, however, most of these studies lack of researches of component and architecture.
This study uses the method of Object-Oriected Analysis and Design (OOA/D) and XACML standard to analyze and design, so as to produce function, and to establish the software structure constructed in the XACML standard.
This study, by applying the two policies of Mandatory Access Control (MAC) and Role-Based Access Control (RBAC), and taking advantage of that software structure to build the Fine-grained access control of XML document, can test if the XACML language carries the flexibility of supporting multi-access control policy, and verify if it is able to resolve the problem of Fine-grained access control in XML document.
|
|---|
