Lightweight Application Access Control System Based On AOP And WebServices In .NET Framework

Traditional role-based access control(RBAC) sytsem needs to add the codes of access control logic in the codes of business function logic to achieve the fine-grained access control.This will lead to scattering and tangling the whole system codes,and aspect-oriented programming(AOP) can solve this problem.Extracting the access control logic from system logic and Implementing as apsects .Releasing the enterpise application business logic in the form of WebServices.Using AOP framework to dynamically intercept invocations to WebServices and weave the corresponding access control apsects based on XML configuration files,achieve the access control of the system. As the same time, domestic enterprises accounted for 90% of the total number of small and medium-sized enterprises in order to meet the demands of future enterprise information, they need for a lightweight RBAC system.Therefore designing and implementing a lightweight access control system based AOP and WebServices in .NET Framework, is good to meet the security needs of small and medium-sized enterprises.The main work of this paper includes:(1) In this paper.aiming at that the exsiting RBAC system in applications of small and medium-sized enterprises is complex,costly and expandability is poor,etc. we design and implement a lightweight access control system-JM_ RBAC,which is for small and medium-sized enterprises in our contry,using AOP,WebServices and unified model RBAC3 in WebServices-based applications in .NET Framework.(2) This paper concisely analyzes and describes the thinking and advantages in programming combining the traditional OOP thinking.Beacuse there are many AOP frameworks based on .NET Framework,but most of them are not mature enough,we analyzes and compare the advantages and disadvantages of some AOP frameworks which are comparative mature and representative.Finally,we choose Spring.NET AOP framework to implement AOP.(3) This paper uses Mircrosoft released WSE component to expand and achieve WebServices security,and uses Username Token of WSE component to implement the digital signature and encryption of the SOAP message,so as to achieve WebServices security.(4) Based on the analysis of the insufficient of the access control system in Project Management System of the Road Construction in Zhenjiang City ,we apply JM_RBAC to the project management system.According to the specific application needs, we redesign the system role, and make a further expansion of JM_ RBAC system.The JM_ RBAC enhances the safety, robustness, maintainability and scalability of Project Management System of the Road Construction in Zhenjiang City.