| With the continuous development of Internet technology, the majority of enterprises and institutions have begun to build or even upgrade Web Information Systems (WISs). As is known to all, these particular systems are based on B/S model, which can manage or distribute information easily. In light of B/S model's proper characteristics, its capability of security access control is not consolidated. Therefore, how to build a secure WIS has now become a hot spot for researchers. On the other hand, the application of fine-grained access control to a certain extent, improves the security of the WIS and the flexibility of access control.Firstly, this dissertation analyzes the general structure of the WIS and its object, expand the object of the NIST RBAC model, and then put forward an OHRBAC model and its formalization description. Secondly, we design and develop a middleware of fine-grained access control– OHRBAC4J, and elaborate its modularized implementation in the view layer and controller layer from the perspective of MVC design pattern. Finally, we introduce a demonstration based on OHRBAC4J from a College Personnel Information System, and then analyze how to build the unified access control of multiple WIS based on OHRBAC4J.OHRBAC4J realizes the access control of page elements and response approaches in Java WIS. Compared with the existing approaches, OHRBAC4J is able to enforce fine-grained access control for Web applications and has higher efficiency of the implementation, and can greatly improve the security of the WIS and the flexibility of the access control. Moreover, the modular approach will not only facilitate the system's development, testing, upgrade and maintenance, but also enhance its overall performance and portability. This brings it with strong adaptability. At the same time, the expansion of the object has a theoretical value to the promotion of the study of the similar issue. |
PDF Full Text Request