Research and Implementation of Cross-Domain Data Sharing System in Net-Centric Environment
With the rapid development of network and communication technology, a great deal of data has been generated in different domains of the network. These data show a trend of increasing scale and more complex structure. Therefore, an effective and flexible cross-domain data sharing system is needed. The Cross-domain Data Sharing System (CDSS) in a net-centric environment is composed of three sub-systems. The data distribution sub-system provides data exchange service through publish-subscribe technology that supports asynchronism and multi-to-multi communication, which adapts to the needs of the dynamic and large-scale distributed computing environment. The access control sub-system adopts Attribute-Based Access Control (ABAC) technology to uniformly model various data attributes such as subject, object, permission, and environment, which effectively monitors the activities of users accessing resources and ensures that legitimate users get effective access control rights within a legal time. The cross-domain access security negotiation subsystem automatically determines the access rights between different security domains in the process of interactive disclosure of digital certificates and access control policies through trust policy management and negotiation algorithms, which provides an effective means for cross-domain trust relationship establishment and access control in a distributed environment. The CDSS’s asynchronous,multi-to-multi, and loosely-coupled communication features can adapt well to data exchange and sharing in a dynamic, distributed, and large-scale network environment. Next, it will given CDSS new features to support the mobile computing environment.