The Research And Implementation Of RBAC Model Based On Eclipse Plug-in Technology

As the one of the five standard security services established by International Standard Organization (ISO), Access Control (AC) is an important mechanism of Information Security (IS). Role-based Access Control (RBAC) is one kind of the AC technology, which has many advantages for applications in many enterprises recently. Because access control policy based on RBAC model is implemented by system administrator, this technique is only appropriate in application system that has a small quantity of roles and it can increase the system administrators' workload and induce access control policy discretional for the application system that has large numbers of roles. So it doesn't ensure the implementation of access control policy correctly.In this paper, an assignment method of role-permission in RBAC has been researched. The rationalized approach that assigns roles to the corresponding permissions according to the property of role is analyzed. As a result, the problem in which the role-permission assignment relies on administrator is solved by this means. Consequently, the correctness of the implementation of access control policy can be ensured. With the application of RBAC technology broadly in large information systems, how to realize a universal extended RBAC plug-in and make it integrate with different applications to accomplish the access control function of application system and shorten cycle of development application system is another important research problem in this paper.Firstly, the RBAC model is researched in this paper. And the shortage of the RBAC model in application is analyzed. Secondly, the RBAC model is improved, such as defining the function range of role, picking-up the property of role, decomposing roles according to property. And then the permission corresponding to role is produced. Thirdly, Eclipse platform is researched. The eclipse principle and the plug-in development method are analyzed detailedly. Finally, universal extended RBAC plug-in is designed and realized in Plug-in Development Environment(PDE) of Eclipse.