Research On Authentication And Access Control In Navy Information-Sharing Platform

With the navy gradually moving from coastal to offshore, training and combating area of marine constantly expending as well as voyage time becoming longer and longer,the competence of self-repairing and emergency maintenance of fleet equipment is imperative for security of sea navigation and the combating ability. Therefore, it is meaningful that the navy department develops an information sharing platform which can provide vessel maintenance support and real time information service. It also enhances our country's military strength. As a large-scale distributed system of information sharing in navy, the platform is applied to various security domains between which involve complicated interactions as well as excessive resource sharing operations.To ensure the safety and validity of above actions in system, the paper proposes a complete research program of cross-domain access control appropriate for the navy platform. The main contents are as follows: Frist, it puts forward an administration model which administers domain and across-domain access control. The proposed model makes sure that the users who spread all over country which has its own administration scheme can use the system orderly; Second, it devises an comprehensive authentication scheme which provides complete authentication procedure and is indispensable before authorization of the users; Third, after being authenticated successfully, the cross-domain user needs to be allocated a proper role in the domain it asks for service. So the paper gives a detailed description of role mapping algorithm, meanwhile it makes a comparisons between the proposed algorithm and other existing algorithm; Forth, role mapping algorithm leads to conflicts of strategy in RBAC(role-based access control).To make sure the distribute system work well,the paper introduces conflicts generating process as well as the detailed conflicts detection and conflict resolution algorithm.By completing above work, it not just provides technology and theory support for the management of cross-domain access control, but also offers beneficial reference for the INFORMATION-SHARING PLATFORM OF NAVY.