| Access control mainly prevents illegal subject into protected network resources, allows legitimate users access to protected network resources and prevents legitimate users for protected network resources for unauthorized access, etc. Access control makes sure authorized users can access protecting resources, while refuse unauthorized users. From a business standpoint, the goal can also be described as the best information sharing. After all, IT's main purpose is that the user and application can obtain information. A greater degree of resource sharing hind the protection of resources, in reality, a well organised and effective access control system indeed promote sharing, fully fine access control mechanism can make selective sharing information into reality.Based on the analysis of the existing access control technology, from the aspect of strengths and limitations, this paper firstly introduce serveral important access control concepts, including strategy, model and mechanism, then introduce some existing access control technology:DAC, MAC, RBAC, XACML etc. NETCONF remote network configuration protocol is still lack of access control model, while XACML is an XML based access control standards, widly support by industry. This paper finds a way to deploy XACML for NETCONF by using third party packages. This packages uses xacml forms of strategies on resources, and to authorize request for verification. This paper is focused on how to implement XACML mechanism on NETCONF experimental platform, which mainly includes two aspects, one is how to deployment strategy, and the other is how to access validation. In the final part of this paper suggests two aspects improvement strategies. |
PDF Full Text Request