【作者】 刘超；

【导师】 陈晓苏； 肖道举；

【作者基本信息】 华中科技大学 ， 计算机系统结构， 2004， 硕士

【摘要】 网上阅卷系统是一种为提高阅卷自动化、智能化、共享化而提出的应用系统。作为一种工作在分布式模式下的计算机支持的协同工作CSCW(Computer Supported Cooperative Work)系统,研究如何为其构建一个协同的工作环境、实现对共享资源的保护、保证系统中成员间信息的安全传输以及成员的身份鉴别有着重要的现实意义。基于角色的访问控制RBAC(Role-Based Access Control)作为一种先进的访问控制策略,能根据用户的角色限制用户对关键资源的访问,减轻授权管理负担。身份识别和认证以及数字签名技术是现有的安全理论中保证网络环境下信息安全传输的有力手段。在深入讨论RBAC理论和网络环境下安全通信机制的基础上,提出了一种网上阅卷的协同工作模型——CBWG(Cooperation Based Web Grading)模型。描述了模型的组成元素、组成模式以及协同工作方式,给出了协同活动、活动模板、活动树等重要概念。借用活动模板来表示协同工作中角色和共享对象间的交互关系,以反映一个协同活动应该具有的特征和行为;通过活动树中不同节点所代表的实体,来维护一个分布式的安全访问控制策略部署。CBWG模型借助RBAC模型中用户、角色和共享对象之间的工作模式,实现了网上阅卷系统共享数据完整性、机密性的保护。同时在现有的安全通信理论基础上,本模型引入了成员的身份识别和认证以及数字签名技术,保障了群组通信环境下的信息安全传输。研究表明,在CSCW系统的基础上,利用RBAC理论和安全通信理论构建的CBWG模型能较好的满足实际应用需求,并具有良好的可扩展性。更多还原

【Abstract】 Web grading is a kind of application system to improve automation, intelligence and sharing level of grading. As a CSCW system working under distributed mode, how to build a cooperative working environment, protecting sharing resources, guarantee safe transmission among members and distinguish member identification has very deep meaning in today’s society.RBAC is an advanced access control policy. It is able to restrict users’ access to key resources according to role of the user and alleviate the burden of authorization management. Identification recognition, authentication and digital signature are strong methods of available security theories to secure safe transmission in network environment.On the basis of RBAC theory and safe communication theory, a cooperation-based web grading (CBWG) model is presented. Composing element, composing mode and cooperative working policy of CBWG are described and concepts such as cooperative activity, activity template and activity tree are introduced. The interactive relation between roles and shared objects among cooperative activities is described by means of activity template, thus the characteristic and behavior of a cooperative activity can be reflected. A distributed secure access control policy is maintained by entity represented by different nodes in the activity tree.With the help of user, role and shared object from RBAC model, protection for integrality and secrecy of shared data in web grading system is implemented. On the basis of secure communication theory available, identification recognition and authentication of members and digital signature are introduced that will guarantee secure communication among members in role groups. Based on CSCW system, the CBWG model built up by RBAC theory and secure communication is able to satisfy practical requirement and has good expansibility.更多还原