| With the fast development of human science and technology,We have entered information age. The flourishing development in such technology as enterprise's informationization, Internet's application, e-commerce, etc is making the fast growth of data quantity. It's no exaggeration to say that the relationship between the data storage technology and our life is becoming closed. The early data storage system is a part of the computer system, which appears in the form of storage equipment. The computer system is connected to the disc through the bus or input/output system. The computer works by way using unit basically. With the development of network technology, the way of data storage changed in many machine from single machine. Sharing and transmission of data rely on host computer system and network system. Nowadays, application system use multi-server and multi-data source. In the large-scale enterprise's application system, it's normal to use many servers to work together. But it's very difficult to access and manage the data because of the distribution of data source. Network attached storage is a storage device with a operation system,just like a special server with embedded operating system. It can realize the large storage capacity, redesign and optimize to the file system in order to offer high-efficiency file service. The mode of NAS regards network as the centre, makes use of existing Ethernet resource to get involved in the special-purpose network storage equipment instead of disposing the exchanger network in addition. NAS is based on LAN, carries on communication according to TCP/IP agreement, because the original intention designed in TCP/IP agreement is used for the communication of the data, so the data transmission unsuitable to be intensive and extensive. Storage area network solve the problems of high usability, security of storage performance. SAN is a kind of high-performance distributed file system, can reach the speed of accessing local file system, dispel the problem of the bottleneck and realize the distributed data share at the same time. SAN has been used in construction of storage system because of it's characteristics that management convenient, good fault-tolerant ability, high dependability, supporting different construct server, etc. So it has the advantages which can't be substituted and enormous potential value. Maybe SAN is the future of network storage, but its network connects technology is not perfect, we must carry on enough secure protection to the data. Access control is a very effective way to solve the secure problem of data storage. The traditional Mandatory Access Control technology provides the support on duty separate and minimum privilege is very slight. It can't control the relation between the subject and the code which it carried out. It restrains the ability of protect function of system based on authentic code and the ability of manage code. It can't minimize the possible of carrying out hostile code. Ferraiolo have proposed the role based access control model because of the deficiency of traditional access control. Its peculiar advantage has caused the extensive attention of academia and industrial and it become a focus of database secure study. The basic thought of RBAC is the concept of introducing the role between user and access authority, link up the user and role, control user to access the resource of system by role authorize. User has the authorization of access resource by acting different roles. Such new access control technology can reduce the complexity of authorizing management, reduce the expenses of management, and still can offer the environment of realizing complex secure tactics for administrator. This paper uses these two advanced technologies to design the automobile parts manufacture system in coordination and put forward a kind of secure control way. Data access secure controller identify user before he access data in SAN. The thought of this paper is that we can divide roles and corresponding authority according to the behavior of the organization or the working duty, this information instead of user information or user group information is stored in access control list. The...
|
PDF Full Text Request