English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 73279/105095 (70%)
造訪人次 : 19274707      線上人數 : 197
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋
    政大機構典藏 > 商學院 > 資訊管理學系 > 學位論文 >  Item 140.119/35227
    請使用永久網址來引用或連結此文件: http://nccur.lib.nccu.edu.tw/handle/140.119/35227


    題名: AAA架構下情境感知存取控制政策之設計與應用
    Context-aware access control for the AAA architecture
    作者: 劉安妮
    Liu, Annie
    貢獻者: 劉文卿
    劉安妮
    Liu, Annie
    關鍵詞: 情境知覺
    AAA架構
    存取控制政策
    無線網路安全
    Context-aware
    AAA Architecture
    Access control policy
    Wireless security
    日期: 2005
    上傳時間: 2009-09-18 14:29:45 (UTC+8)
    摘要: 隨著無線網路環境的普及,越來越多行動工作者可以透過隨身的手持設備進行網路漫遊,即時地存取不同的服務。另外亦可以經由公司的虛擬專有網路來存取企業內部資料、電子郵件及其它應用程式。不論是針對企業或是網路服務業者而言,為了要能夠確保網路環境上的安全性,眾多的行動工作者在進行漫遊時,身分必須被驗證,進而才能被授予各項服務的存取權。此外,還必需根據使用者服務使用的情況進行計費,來提升服務提供者的收益。
    因此在無線區域網路中,結合一套認證、授權、計費的架構(Authentication, Authorization, Accounting Architecture, AAA
    Architecture),使得網路服務業者能夠有效地來管理龐大行動工作者的跨網路漫遊服務。

    本研究提出一個以情境知覺運算(context-aware computing)為基礎的AAA架構。以情境來設計資源存取政策,因此系統偵測到行動工作者情境上的改變,根據已定義好的存取政策,動態地進行身分驗證及調整授權服務,最後再依不同的服務使用等級、連線時間與網路使用量等來計費。本論文以漫遊服務與企業虛擬專有網路為例,說明在此架構下如何針對不同的情境進行身分認證、與服務授權。
    With the popularity of the Wireless LAN, mobile workers are able to access various services or resources with seamless roaming, as well as mobile VPN, just via their handheld devices. Not only for the corporations but the Internet Service Providers(ISP), a secure and trusted remote access is required. User identity should be authenticated in advance, and the service providers grant or deny mobile users the access to resources according to their statuses.
    Besides, a usage-based accounting and billing is crucial to provide commercialized services within WLAN, and to benefit those service providers. As a result, a AAA architecture designed for coordinating the authentication, authorization and accounting between different administrative networks is required with urgent need.

    The objective of this research is to provide a context-aware based AAA architecture which adopts context as the design principle to define access control policies. So the system can detect the changing contexts of mobile workers, re-authenticate user identity, adjust dynamically service permissions in the light of context-based access control policies, and bill the user taking into account the contexts efficiently. In this research, we take examples of roaming services and VPN to describe how the architecture works.
    參考文獻: Abowd, G. D., Dey, A. K., Brown, P. J., Davies, N., Smith, M. and Steggles, P.
    1999. Towards a better understanding of context and context-awareness. In HUC
    '99: Proceedings of the 1st international symposium on handheld and ubiquitous
    computing (pp. 304{307). London, UK: Springer-Verlag.
    Chen, H., Finin, T., Joshi, A., Kagal, L., Perich, F. and Chakraborty, D. Intelligent
    agents meet the semantic web in smart spaces. IEEE Internet Computing, 8(6),
    69{79, 2004.
    Chong, S. K., Krishnaswamy, S. and Loke, S. W. 2005. A context-aware approach to
    conserving energy in wireless sensor networks. In PERCOMW '05: Proceedings
    of the third ieee international conference on pervasive computing and communica-
    tions workshops (PERCOMW'05) (pp. 401{405). Washington, DC, USA: IEEE
    Computer Society.
    Dey, A. K. 2000. Providing architectural support for building context-aware applications.
    Unpublished doctoral dissertation, Georgia Institute of Technology.
    Ferraiolo, D. and Kuhn, R. 1992. Role based access control. In 15th national computer
    security conference.
    Gwizdka, J. 2000. What's in the context? In Position paper for CHI 2000 workshop
    on the what, who, where, when, why and how of context-awareness.
    JÄahnert, J. Problem statement: Metering and accounting in the full-IP 4G environ-
    ment. Lecture Notes in Computer Science, 2816, 298-307, 2003.
    Laat, C. de, Gross, G., Gommans, L., Vollbrecht, J. and Spence, D. Generic AAA
    architecture. Request for Comments: 2903, 2000.
    Metz, C. AAA protocols: Authentication, authorization, and accounting for the Inter-
    net. IEEE Internet Computing, 3(6), 75{79, 1999.
    Most¶efaoui, G. K. and Br¶ezillon, P. A generic framework for context-based distributed
    authorizations. Lecture Notes in Computer Science, 2680, 204-217, 2003.
    Most¶efaoui, G. K. and Br¶ezillon, P. 2004. Modeling context-based security policies
    with contextual graphs. In 2nd IEEE conference on pervasive computing and
    communications workshops (PERCOMW'04).
    Mostefaoui, G. K., Pasquier-Rocha, J. and Brezillon, P. 2004. Context-aware comput-
    ing: A guide for the pervasive computing community. In ICPS '04: Proceedings
    of the the IEEE/ACS international conference on pervasive services (ICPS'04)
    (pp. 39{48). Washington, DC, USA: IEEE Computer Society.
    Prasad, N. R., Alam, M. and Ruggieri, M. Light-weight AAA infrastructure for mobility
    support across heterogeneous networks. Wireless Personal Communications: An
    International Journal, 29(3-4), 205{219, 2004.
    Sandhu, R. and Samarati, P. Access control: Principle and practice. IEEE Communi-
    cations Magazine, 32(9), 40{48, 1994.
    Sandhu, R. and Samarati, P. Authentication, access control, and audit. ACM Com-
    puting Surveys (CSUR), 28(1), 241{243, 1996.
    Schilit, B., Adams, N. and Want, R. 1994. Context-aware computing applications. In
    IEEE workshop on mobile computing systems and applications. Santa Cruz, CA,
    US.
    Schilit, W. N. 1995. A system architecture for context-aware mobile computing. Un-
    published doctoral dissertation, COLUMBIA UNIVERSITY.
    Zseby, T., Zander, S. and Carle, G. Policy-based accounting. Request for Comments:
    3334, 2002.
    描述: 碩士
    國立政治大學
    資訊管理研究所
    93356026
    94
    資料來源: http://thesis.lib.nccu.edu.tw/record/#G0093356026
    資料類型: thesis
    顯示於類別:[資訊管理學系] 學位論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    35602601.pdf49KbAdobe PDF1314檢視/開啟
    35602602.pdf380KbAdobe PDF1271檢視/開啟
    35602603.pdf223KbAdobe PDF1334檢視/開啟
    35602604.pdf26KbAdobe PDF1268檢視/開啟
    35602605.pdf457KbAdobe PDF1320檢視/開啟
    35602606.pdf402KbAdobe PDF1428檢視/開啟
    35602607.pdf812KbAdobe PDF1805檢視/開啟
    35602608.pdf999KbAdobe PDF1577檢視/開啟
    35602609.pdf795KbAdobe PDF1455檢視/開啟
    35602610.pdf599KbAdobe PDF1363檢視/開啟
    35602611.pdf93KbAdobe PDF1390檢視/開啟
    35602612.pdf585KbAdobe PDF1748檢視/開啟


    在政大典藏中所有的資料項目都受到原著作權保護.


    社群 sharing

    著作權政策宣告
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 回饋