簡易檢索 / 詳目顯示
| 研究生: |
許文冠 Hsu, Wen-Kuan |
|---|---|
| 論文名稱: |
UNIX檔案共用權限架構之改進與實作 Improvement and implementation of UNIX file sharing control architecture |
| 指導教授: |
王明習
Wang, Ming-Shi |
| 學位類別: |
碩士 Master |
| 系所名稱: |
工學院 - 工程科學系碩士在職專班 Department of Engineering Science (on the job class) |
| 論文出版年: | 2008 |
| 畢業學年度: | 96 |
| 語文別: | 中文 |
| 論文頁數: | 77 |
| 中文關鍵詞: | 網路資訊系統 、網路檔案系統 、高級加密標準 、以角色為基礎的存取控制 、輕量級目錄存取協定 |
| 外文關鍵詞: | LDAP, NIS, NFS, AES, RBAC |
| 相關次數: | 點閱:40 下載:1 |
| 分享至: |
| 查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
UNIX作業系統發展至今已經有三十多年歷史了,其多工穩固的特性至今依然是擔任伺服器的主要作業系統。目前電子製造業或IC設計業之機台作業系統仍以UNIX為主,並以NIS作為帳號整合,NFS為檔案共用協定。這樣的架構在較為複雜或特殊的檔案共用時,傳統的UNIX檔案權限控制便無法有效的達到安全控制。
本研究以電子業為環境,提供現有NIS架構導入LDAP資訊技術的方法,並以對稱式加密演算法保護共用檔案的安全。檔案授權機制亦導入角色的概念。最後實作此系統。
UNIX operating system has been developed more than 30 years. Due to the excellent capability of multitasking and system stability, UNIX is the main operating system of most of servers used in the E-manufacturing or IC design industry of Taiwan. NIS is used to manage the accounting information and NFS to handle the file sharing of the system. But its structure of accounting and file sharing can not handle very well for security control under the special need or more complex of file-sharing. In this study, the LADP technology is introduced to join the NIS framework and the AES algorithm is used to encrypt the sharing file for increasing the system security. The role-based concept also introduced for the sharing file authorized mechanism.
[1] David F. Ferraiolo and D. Richard Kuhn, “Role-Based Access Controls”, Proceedings of the 15th NIST-NSA National Computer Security Conference, Baltimore, Maryland, October 13-16, 1992.
[2] Ravi S. Sandhu, Edward Coyne, Hal Feinstein and Charles Youman, "Role-Based Access Control Models", IEEE Computer, Volume 29, Number 2, February 1996, pages 38-47.
[3] M. A. C. Dekker, J. G. Cederquist, J. Crampton, S. Etalle, “Extended privilege inheritance in RBAC”, ACM, 2007, pages 383-385.
[4] David F. Ferraiolo, D. Richard Kuhn and Ramaswamy Chandramouli, Role-Based Access Control, Artech House, 2003.
[5] Hal Stern, Mike Eisler, Ricardo Labiaga, Managing NFS and NIS, O’REILLY, 2001.
[6] Gerald Carter, LDAP System Administration, USA, O’REILLY, 2003.
[7] Timothy A. Howes Ph.D., Mark C. Smith, Gordon S. Good, Understanding and Deploying LDAP Directory Services, USA, Addison Wesley, Second Edition, 2003.
[8] Martin Fowler, UML Distilled, Addison Wesley, Third Edition, 2004.
[9] Kathy Walrath, Mary Campione, Alison Huml, Sharon Zakhour, The JFC Swing Tutorial Second Edition, Sun Microsystems, Inc., 2004.
[10] Sun Microsystems, Inc., “Sun Java System Directory Server 5 2005Q1 Administration Guide”, http://docs.sun.com/app/docs/doc/817-7613, 2005.
[11] Sun Microsystems, Inc., ”System Administration Guide: Naming and Directory Services (DNS,NIS,and LDAP)” ,http://docs.sun.com/, 2008.
[12] Sun Microsystems, Inc., ”System Administration Guide: Security Services”, http://docs.sun.com, 2008.
[13] Sun Microsystems, Inc., Sun Crypo Accelerator 100 Board, http://www.sun.com/products/networking/sslaccel/suncryptoaccel1000/index.xml
[14] Sun Microsystems, Inc., MySQL, http://mysql.com/
[15] Sun Microsystems, Inc., Developer Resources for JAVA, http://java.sun.com/
[16] Oracle, Database Security, http://www.oracle.com/database/security.html
[17] IETF, IETF RFC Page, http://www.ietf.org/rfc.html
[18] NIST, AES, http://csrc.nist.gov/archive/aes/index.html
[19] Microsoft, Active Directory, http://technet.microsoft.com/en-us/library/bb742424(TechNet.10).aspx
[20] Apache Software Foundation, HTTP Server Project, http://httpd.apache.org/
[21] PHP Group, PHP: Hypertext Preprocessor, http://php.net/
[22] IBM, Quickplace, http://www-07.ibm.com/software/tw/lotus/product/a1.html
[23] IBM, Domino, http://www-306.ibm.com/software/lotus/products/domino/
[24] 方俊富,「以LDAP提昇協同合作平台的安全管控措施之案例研究」,國立台灣科技大學自動化及控制研究所論文,2004
[25] 賴溪松、葉育斌,資訊安全入門,全華,台灣,2001。
校內:2009-08-14公開校外:2013-08-14公開