| Network has become one of the most important basic infrastructures of modern society. It has been used everywhere and become an essential element of the country. It also becomes an important tool for the economy. As the network has become more and more important, people begin to realize the important of its safety too. So more and more researches have been done on the protection of the information, which is accessed by the others through network. And the access control on network resources is an important part of it. Traditional access control method which is based on ACL can't afford the need for the protection on large distribute application, so role-based access control has taken place of the traditional access control. We research the infrastructure of the role-based access control on the web, and then present our role-based transparent access control infrastructure on the web after considering safety, efficiency, extensibility, maintainability of the system and the convenience for user's operation. We present the design of the authentication server and the role server. Describe how to implement the authentication service and role service in detail by Web Services. We analyze the threat of the cookie on the Internet and the secure cookie. Then we present our model for role-based transparent access control on the web. We implement an access control system for multiple web servers in the same domain using the model. Finally we present the flow chart of managing user's access. We also present the process of signing the secure cookie and verifying the secure cookie.
|
PDF Full Text Request