| 基于对象存储的分布式GIS数据安全机制 |
| |
| 引用本文: | 喻占武,李忠民,郑胜,李德仁.基于对象存储的分布式GIS数据安全机制[J].测绘学报,2007,36(3):309-315. |
| |
| 作者姓名: | 喻占武 李忠民 郑胜 李德仁 |
| |
| 作者单位: | 武汉大学,测绘遥感信息工程国家重点实验室,湖北,武汉,430079;武汉大学,电子信息学院,湖北,武汉,430079 |
| |
| 基金项目: | 国家重点基础研究发展计划(973计划)项目(2004CB318206) |
| |
| 摘 要: | 根据OSD-2标准,提出一种安全机制来保证基于对象存储的分布式GIS空间数据的安全。在本安全机制中,采用的安全模型是基于信任状的访问控制系统,主要由OSD设备、安全管理器、策略/存储管理器和GIS服务器组成。该安全机制主要包含3个协议:GIS服务器-安全管理器协议、安全管理器-OSD设备协议和GIS服务器-OSD设备协议。命令的传输和数据的访问都要进行认证。这3个协议有效预防了各种网络攻击手段的攻击,保证了分布式GIS空间数据的安全共享。
|
| 关 键 词: | 地理信息系统 基于对象存储 安全机制 信任状 |
| 文章编号: | 1001-1595(2007)03-0309-07 |
| 修稿时间: | 2006-01-26 |
Security Mechanism for Distributed GIS Spatial Data Based on Object-based Storage |
| |
| YU Zhan-wu,LI Zhong-min,ZHENG Sheng,LI De-ren.Security Mechanism for Distributed GIS Spatial Data Based on Object-based Storage[J].Acta Geodaetica et Cartographica Sinica,2007,36(3):309-315. |
| |
| Authors: | YU Zhan-wu LI Zhong-min ZHENG Sheng LI De-ren |
| |
| Institution: | 1. State Key Laboratory of Information Engineering in Surveying, Mapping and Remote Sensing, Wuhan University, Wuhan 430079, China; 2. School of Electronic Information, Wuhan University, Wuhan 430079, China |
| |
| Abstract: | Massive Spatial data is the very core of current GIS and generally is distributed at different places. A new generation storage model for distributed GIS spatial data based on Object-Based Storage (OBS) has been constructed, which gives an integrated solution to both offer high-performance storage services and secure data sharing. In this model, GIS server, metadata server and storage device are separated, so it is very important to construct a security mechanism for securing distributed GIS spatial data.In this paper, a security mechanism for distributed GIS spatial data is presented based on OBS after analyzing Object-based Storage Device (OSD) security model described in OSD-2 standard. In this mechanism, the security
model is a credential-based access control system composed of the following components: ① an OSD device (OBSD) ;② a security manager;③ a policy/storage manager;④ a GIS server. Commands transfer and data access both need be authorized. The mechanism is composed of three security protocols: GIS Server-Security Manager protocol, Security Manager-OBSD protocol and GIS Server-OBSD protocol. These three protocols maintain integrity, confidentiality and privacy of distributed GIS spatial data. |
| |
| Keywords: | GIS object-based storage security mechanism credential |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
