| 使用用户认证信息的服务器进程管理手法 |
| |
| 引用本文: | 黎明.使用用户认证信息的服务器进程管理手法[J].科技广场,2006,8(4):86-88. |
| |
| 作者姓名: | 黎明 |
| |
| 作者单位: | 湖南科技学院计算机系,永州425006 |
| |
| 摘 要: | 客户/服务器模型中,服务器在连接前没有途径获知客户端信息,而且现在的UNIX内核中还不能区分经由网络的用户,因此每个服务程序都必须实现客户的认证功能,这样就比较冗长。在本文中,提出让用户信息经由网络传播,并利用网络传输的用户信息,把服务器的权限改变为客户端的权限的机制,并提出在内核水平实现的方法。通过这种机制和方法可以把服务器认证和访问控制实现一元化管理,并且有了这个机制,服务器程序就没有必要用特权用户权限运行,可以增强系统的安全性。
|
| 关 键 词: | 内核 客户认证 访问控制 |
| 文章编号: | 1671-4792-(2006)4-0017-03 |
Server Process Management Method Applying User-certified Message |
| |
| Li Ming.Server Process Management Method Applying User-certified Message[J].Science Mosaic,2006,8(4):86-88. |
| |
| Authors: | Li Ming |
| |
| Institution: | Department of Computer Science, Science and Technology Institute of Hunan, Yongzhou 425006 |
| |
| Abstract: | In the C/S model, the server does not hold any approach to acquire client message before connection. Furthermore, Modern UNIX kernel still can not distinguish users who traverse the network; therefore, each server program should implement clients' certification function, which results in verbosity. In this paper, it presents the mechanism which allows users to traverse the network broadcast, and utilizes user messages during network transmission, and converts the mechanism from the privilege of servers to the privilege of clients, and finally puts forward the method that can be applied in the implementation of kernel-level. By means of this kind of mechanism and method, which can achieve the target of one-diversity management based on server certification and access control, with this mechanism, it is unnecessary for the server program to run under the user privilege, and finally boosts the security of the system. |
| |
| Keywords: | Kernel Client Certification Access Control |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
