[1]范迪,朱志祥. 一种Dubbo框架的授权认证方案[J].计算机技术与发展,2017,27(11):115-118.
 FAN Di,ZHU Zhi-xiang. An Authorization Authentication Scheme for Dubbo Framework[J].,2017,27(11):115-118.
点击复制

 一种Dubbo框架的授权认证方案()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
27
期数:
2017年11期
页码:
115-118
栏目:
安全与防范
出版日期:
2017-11-10

文章信息/Info

Title:
 An Authorization Authentication Scheme for Dubbo Framework
文章编号:
1673-629X(2017)11-0115-04
作者:
 范迪朱志祥
 西安邮电大学 物联网与两化融合研究院
Author(s):
 FAN DiZHU Zhi-xiang
关键词:
 Dubbo 授权认证分布式服务框架访问控制
Keywords:
 Dubboauthorization authenticationdistributed service frameworkaccess control
分类号:
TP311.1
文献标志码:
A
摘要:
 为增强Dubbo分布式服务框架的访问安全性,避免服务消费过程中出现消费混乱或者数据被盗取的情况,将安全授权码应用到服务注册以及服务消费过程中,提出了一种新的访问控制方案.在Dubbo中引入授权认证中心,通过授权认证中心对服务提供方和服务消费方下发访问授权码,在服务注册阶段对服务提供者进行身份验证,服务提供者在服务被消费阶段对服务消费者进行身份验证,保证了数据交换过程中数据访问的安全性,有效地进行服务注册与服务消费的访问控制.授权认证中心同时依赖Dubbo构建成为分布式服务,与Dubbo框架本身进行深度融合,可以支撑高并发的授权码认证请求.该方案在Dubbo中增加授权认证中心,通过该模块下发和管理授权码,能够对注册授权和消费授权进行灵活管控,为Dubbo注册中心与服务提供方提供了更安全的访问控制,从而达到保护数据的目的.
Abstract:
 In order to enhance the access security of Dubbo distributed service framework and avoid the circumstances of consumption confusion or data to be stolen in service consumption,the security authorization code is applies to service registration and service con-sumption and a new scheme of access control is proposed. Through the introduction of the authorized authentication center in Dubbo,the service provider and the consumer side can be issued security authorization code. According to that,service provider is authenticated in service registration and service consumer is authenticated by service provider in service consumption,which make sure the safety of data access in the process of data exchange,efficient access control of service registration and service consumption. In the meantime,the au-thorized authentication center establishes the distributed service by Dubbo and highly combines with Dubbo,which can support authentica-tion request of authorization code with high concurrency. It adds the authorized authentication center in Dubbo to send and manage the au-thorization code which can conduct flexible control for registration authorization and consumption authorization,providing the safer access control for Dubbo registration center and service provider and reaching the purpose of data protection.

相似文献/References:

[1]张志宏,吴庆波,邵立松,等.基于飞腾平台TOE协议栈的设计与实现[J].计算机技术与发展,2014,24(07):1.
 ZHANG Zhi-hong,WU Qing-bo,SHAO Li-song,et al. Design and Implementation of TCP/IP Offload Engine Protocol Stack Based on FT Platform[J].,2014,24(11):1.
[2]梁文快,李毅. 改进的基因表达算法对航班优化排序问题研究[J].计算机技术与发展,2014,24(07):5.
 LIANG Wen-kuai,LI Yi. Research on Optimization of Flight Scheduling Problem Based on Improved Gene Expression Algorithm[J].,2014,24(11):5.
[3]黄静,王枫,谢志新,等. EAST文档管理系统的设计与实现[J].计算机技术与发展,2014,24(07):13.
 HUANG Jing,WANG Feng,XIE Zhi-xin,et al. Design and Implementation of EAST Document Management System[J].,2014,24(11):13.
[4]侯善江[],张代远[][][]. 基于样条权函数神经网络P2P流量识别方法[J].计算机技术与发展,2014,24(07):21.
 HOU Shan-jiang[],ZHANG Dai-yuan[][][]. P2P Traffic Identification Based on Spline Weight Function Neural Network[J].,2014,24(11):21.
[5]李璨,耿国华,李康,等. 一种基于三维模型的文物碎片线图生成方法[J].计算机技术与发展,2014,24(07):25.
 LI Can,GENG Guo-hua,LI Kang,et al. A Method of Obtaining Cultural Debris’ s Line Chart Based on Three-dimensional Model[J].,2014,24(11):25.
[6]翁鹤,皮德常. 混沌RBF神经网络异常检测算法[J].计算机技术与发展,2014,24(07):29.
 WENG He,PI De-chang. Chaotic RBF Neural Network Anomaly Detection Algorithm[J].,2014,24(11):29.
[7]刘茜[],荆晓远[],李文倩[],等. 基于流形学习的正交稀疏保留投影[J].计算机技术与发展,2014,24(07):34.
 LIU Qian[],JING Xiao-yuan[,LI Wen-qian[],et al. Orthogonal Sparsity Preserving Projections Based on Manifold Learning[J].,2014,24(11):34.
[8]尚福华,李想,巩淼. 基于模糊框架-产生式知识表示及推理研究[J].计算机技术与发展,2014,24(07):38.
 SHANG Fu-hua,LI Xiang,GONG Miao. Research on Knowledge Representation and Inference Based on Fuzzy Framework-production[J].,2014,24(11):38.
[9]叶偲,李良福,肖樟树. 一种去除运动目标重影的图像镶嵌方法研究[J].计算机技术与发展,2014,24(07):43.
 YE Si,LI Liang-fu,XIAO Zhang-shu. Research of an Image Mosaic Method for Removing Ghost of Moving Targets[J].,2014,24(11):43.
[10]余松平[][],蔡志平[],吴建进[],等. GSM-R信令监测选择录音系统设计与实现[J].计算机技术与发展,2014,24(07):47.
 YU Song-ping[][],CAI Zhi-ping[] WU Jian-jin[],GU Feng-zhi[]. Design and Implementation of an Optional Voice Recording System Based on GSM-R Signaling Monitoring[J].,2014,24(11):47.

更新日期/Last Update: 2017-12-26