| With the development of Internet, the network security has become moreand more important. The access control is to authorize system user the accessability and the access scope by some means. For distributed network system,especially WEB application, the access control has become the essential basicsecurity technology on application layer. At the same time, it has become achallenging question because of its complexity.Based on the safety requirement of distributed network environment, therelated access control has been researched in this dissertation.First, the particularity and the importance of access control in thedistributed network environment have been analyzed;the summary of basicaccess control theory and technology has also been discussed.Secondly, several kinds of typical access control models have beenresearched. In view of the distributed network environment demand, thecomparison to each model has been carried on. As well, the famous Role BasedAccess Control and Task Based Access Control have been researched. Thereason that they are not suit the distribution network has also been presented.At the same time, Role-Task-based access control model based on the twomodels has been produced. The concepts of virtual organization and the serviceflows have been introduced;formalized definition and constraint of the modelhave been produced. Based on the analyses of the conflict that induced byinconsistency of constraint, a new way to solve this problem has been carriedon. It can solve the problem effectively.Thirdly, based on the research, primary design of the system is worked out,and an access control system is developed. This system is used to manage andauthorize the network users in unison. Each part of the system is independent,which guarantees the loose coupling of the system.Finally, evaluation of the system has been presented. The system has beenproved to be more security, more availability, and it can be integrated andmanaged easily. |
PDF Full Text Request