| With the development of the economy and social in information age, e-government has become a tendency in government reformation, it brings not only kinds of conveniences, but also a lot of security problems. Access control system is the core of e-government security system, and how to build a secure access control system is the central issue in e-government research.The paper studies and analyzes the existing access control models firstly. Aiming at the problem that distribution permission of roles is only depended on user's identity in traditional RBAC model, without considering the security of the platform that users use, an improved Role-based Access Control Model Based on Trust Level of Platform is proposed. Two concepts of the trust platform and the trust level are introduced in TLPRBAC, and then the trust level of platform evaluation method is proposed. The relationships of entities and trust authorization rules are developed in the new TLPRBAC model, and the trust level is associated with subject, role, permission, and object, to achieve an authorization access control between different trusted level subject and safety level object. Combined with trusted technology, a government intranet access control system based on TLPRBAC is designed to achieve a credible, controllable, secure access and a more fine-grained access control to different level documents based on different identity and platform environment. Finally, the trust access control subsystem and document access control subsystem are implemented. |
PDF Full Text Request