| With the network become more and more popular and the enterpriseinformational work has developed far and far, the network is one most important wayto deal with information now. The attract to the enterprise network is so common, thenetwork safe become a hard problem. PKI is the most import way to resolve thee-business safe problem, it did a good job at the trust relationship between entities onthe web, but PKI is not a good mechanism to allocate right to the entities. So therespect of PMI is raised, the AC (attribute Certificate) can describe all of the mostcommon attributes such as group, role, right etc. To work together with the PKC, itcould be the most successful resolvent for the access right management.In e-business, the company bring forward higher request for access control forthe resource, authorization become a heavy work, but role based access control(RBAC) bring the concept of role to the access control, use the role as the agencybetween user and right, make the work be more easier, and the RBAC has someadvantage function such as role inherit and restriction, so now RBAC become moreand more popular in the field of access control. Role-based access control(RBAC) canreduce the complexity and cost of authorization managements compared withtraditional access control method, and the roles can be consistent with the personnelstructure in a organization or corporation. RBAC is the best schema to enforceauthorization policy on large Internet. Modeling and inplementation are the focus andnodus of research on RBAC.In this paper, the RBAC96 model and the define of Attribute Certificate isreviewed briefly. And discuss the advantage of the associate with AC. The policy ofRBAC is discussed reasonedly. Use RBAC model, the RBAC policy and the conceptof Attribute authority synthetically, a new RBAC system is brought up and the someprocess such as AC manage, role assign, policy control is analyzed. At the last, howto make an Apache module to construct an RBAC for web. |
PDF Full Text Request