The strategy of Role-Based Access Control (RBAC), which has been developing since the 1990s, has efficiently overcome the shortcomings of traditional access control strategies. It can reduce the complexity of authorization management, cut management costs, and provide a better environment for administrators to carry out security policies. However, in the field of RBAC, how to model and implement it remains a hot topic with open problems, which include the further management and reclaiming of privileges, the formal description of related operations, and the introduction of both discrimination and role management. This paper studies Discretionary Access Control (DAC), Mandatory Access Control (MAC) and Role-Based Access Control (RBAC), analyzes their advantages, disadvantages and differences, and realizes an RBAC-based Supermarket Personnel Management System. With RBAC in place, the MIS of chain stores can adapt itself to the security policies specific to the corporation, prevent both intrusion by illegal users and illegal operations by authorized users, and reduce the burden on administrators. Authorization is granted to roles, not to users, so the system can adjust it according to the internal restructuring of the corporation, which shows great flexibility. What's more, the improved RBAC model can put constraints on roles dynamically when establishing session management. This could limit users' access scope, which accords with the multi-hierarchy of...
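
The two mechanisms named in the abstract, role-level authorization and dynamic constraints applied when a session is established, can be sketched as follows. This is an added example, not code from the paper or its system; the users, roles, permissions and the mutually exclusive role pair are all constructed assumptions.

```python
# Added example; every user, role and permission name is constructed.
from dataclasses import dataclass, field

ROLE_PERMS = {  # permissions are granted to roles, never directly to users
    "cashier": {"sale:create"},
    "refund_approver": {"refund:approve"},
    "hr_clerk": {"staff:read", "staff:update"},
}
USER_ROLES = {"alice": {"cashier", "refund_approver"}, "bob": {"hr_clerk"}}
# Dynamic constraint: roles that may not be active together in one session.
DYNAMIC_EXCLUSIVE = [frozenset({"cashier", "refund_approver"})]

class AccessDenied(Exception):
    """Raised when a role activation violates assignment or a constraint."""

@dataclass
class Session:
    user: str
    active: set = field(default_factory=set)

    def activate(self, role):
        # A user may only activate roles assigned to them.
        if role not in USER_ROLES.get(self.user, set()):
            raise AccessDenied(f"{self.user} is not assigned role {role}")
        wanted = self.active | {role}
        # Enforce the dynamic constraint at activation time, per session.
        for group in DYNAMIC_EXCLUSIVE:
            if len(group & wanted) > 1:
                raise AccessDenied(f"{sorted(group)} cannot be active together")
        self.active = wanted

    def drop(self, role):
        self.active.discard(role)

    def check(self, perm):
        # Access scope is limited to the roles active in this session.
        return any(perm in ROLE_PERMS[r] for r in self.active)

def demo():
    s = Session("alice")
    s.activate("cashier")
    results = [s.check("sale:create"), s.check("refund:approve")]
    try:
        s.activate("refund_approver")
        results.append("activated")
    except AccessDenied:
        results.append("blocked")
    # Restructuring: bob moves to the tills; only the user-role map changes.
    USER_ROLES["bob"] = {"cashier"}
    b = Session("bob")
    b.activate("cashier")
    results.append(b.check("staff:update"))
    return results

if __name__ == "__main__":
    print(demo())
```

Alice holds both roles but can only exercise one per session, and reassigning bob changes his effective permissions without touching any permission grant.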