| Along with E-Commerce and The realization work with no paper at all apply to various industries, Role-Based Access Control was widely used and NIST Role-Based Access Control standard came into being. In this paper, an extended Role-base access control model based on NIST RBAC was proposed. The extended model has some new elements like operation-roles according to abstracts of operation, object-roles according to abstracts of object, task for "the worst privilege" rule. The extended Role-Based Access Control model represents that everything belongs to its roles. Therefore, it just contains entities, roles, relations between role and role. Compared with NIST role-based access control model, the extended one is more flexible, more useable, more functional and safer.Combined with real requirement, this paper sets out design and realization of permission system based on the extended model. Permission system comprises four main parts: user part, object part, operation part and task. In latter sections, each subsystem is introduced specifically for its structure and quality, and corresponding model concept is particularly analyzed. At the end of this work, experiment results are... |
PDF Full Text Request