关键词: 虚拟应用网络, 电路级代理, 细粒度访问控制, 语义, 基于角色的访问控制

Abstract: Concerning with how different applications and different network frameworks are integrated, how information is shared and integrated and security is assured simultaneously in information system, the concept of Virtual Application Network (VAN) was proposed. The concept adopted basic theory of circuit-level proxy. Taking session data flow of application protocols as its objective, VAN controlled and managed integrated information systems. Furthermore some key technologies such as: how VAN implemented uniform & simple platform of authentication and management, how VAN implemented subtle granular access control which was independent from various application protocols, and how Role-Based Access Control (RBAC) was combined effectively with subtle granular access control, were described. By research and implementation of VAN, a secure, uniform and transparent network application platform would be provided for integrated information system.

Key words: virtual application network, circuit level proxy, finely granular access control, semantic, role-based access control