Research On Security Model For Management Information System

With the development and the widely use of computer technology, lots of corporations and institutions have established management information systems. In the process of developing an information system, security has always been given the first priority, which is critical for the survival of the information system. Therefore, designing a security model of enterprise information becomes a more important research field.This paper starts at the security requirement of management information system, focuses on information security model and related security technology, and extends the traditional RBAC96 from temporal delegation to design temporal role-based access control model. This model, an enterprise information system universal security model, is composed of a series of the components including access control components, identity authentication components and database encryption components.The access control components implements security access to the system, and prevents the illegal user from entering the system, keeping the validated user from the illegal using of system resource. In the paper, user contacts with access permissions through contacting roles with access permissions and allocating suitable roles to the user. The security model supports temporal delegation. After identity authentication of the user, the system will activate his valid permissions which decide whether he can access the system resources. Moreover the paper divides the superpower into three parts, conferred respectively on the system administrator, the security administrator and the application administrator, and these three roles take their respective responsibility and supervise each other.The paper implements identity authentication for different ranked users with different authentication mode, digest-password-based authentication mode and elliptic-curve-based authentication mode, considering the requirements of system security and efficiency. Security of the latter relies on the difficulty to solve the discrete logarithm problem of elliptic curve.In the database encryption aspect, the paper analyses kinds of encryption algorithm, and combines 3DES algorithm which is better than others with sub key technology to encrypt the important information in the databases. The paper adopts two-level key management mechanism, including the main key used to create the work key and the work key used to...