With the development of Internet and the improvement of network resourcesharing, network security becomes more and more important. Identity authenticationand privilege management are two vital aspects of network application security, andthey are becoming the research hotpots in the information security area.Based on Public Key Infrastructure digital authentication, this thesis in-depthstudies of Role-Based Access Control theory, puts forward an effective securitymechanism in Web setting combined with technologies of secure cookies and cache,and testifies its feasibility and validity by experiments. Contraposing RBAC model, animplement framework of time constraint is put forward then, and is described indetails. Based on the research of Web service and LDAP protocol, a new directoryservice model based on Web service is put forward and it is testified by mathematicalmodels. |