摘要： 当前的Web服务发现机制大多依赖集中式的统一描述、发现和集成注册中心，但组织机构出于安全和地域的考虑，倾向于构建私有的分布式注册中心，只有注册且可信的请求者才能浏览到他们有权限访问的服务信息。该文给出Web服务发现阶段基于角色的访问控制模型RBAC4WSD，发现代理依照服务提供者指定的安全策略对请求者实施访问控制，并以跨国公司内部的文档服务为例介绍原型系统的实现。

关键词: Web服务, 发现代理, 统一描述、发现和集成, 基于角色的访问控制, 隐私保护

Abstract: Most current Web services discovery methods rely on centralized UDDI registries. Due to the security and area, organizations usually build distributed private registries and enforce access control mechanisms. The registered and trusted people can browse the information of services they have permissions to access. A RBAC model for Web services discovery phase named RBAC4WSD is proposed. Discovery agencies are designed to perform access control on service requestors upon security policies specified by service providers. In terms of a scenario of distributed document service within a multinational company, a prototype system is described.

Key words: Web services, discovery agency, lUDDI, RBAC, privacy protection

中图分类号: 

• N945