| Nowadays, the inner security issue is becoming a critical problem and restricts the development of e-Government systems.In the beginning of this thesis, the writer analyses inner security of e-Government then points out the problems:1.Collision between permission and permission or role and role.2.Increasing working burden of system security maintainer by the reason of personnel changing3.Failing to support complex structure of organization perfectlyAfter researching and analyzing current prevalent theory of access control, the writer decides to adopt Role-Based Access Control (RBAC) strategy into e-Government system as a basic theory.In the process of being applied into application, RBAC theory fails to support complex structure of organization perfectly, even it suits to the application of e-Government system mainly. So the writer improves it and puts forward China e-Government Role-Based Access Control (CeG-RBAC) theory, which keeping the strongpoint of RBAC and enhanced to support complex structure of organization by adding characteristic of Organization Structure into RBAC. In addition, the writer extends authorization of RBAC by introducing space-time feature. It supports auto-revoking permissions from roles and roles from users, which avoids hidden trouble of admin neglect to revoke roles from users or permissions from roles. The writer using RUP and UML presents a new design of RBAC in e-Government system, and discusses how to resolve the problems in the former system.Finally, RBAC is turned out to be very effectively applied to "Beijing Hai Dian e-Government system in bureau of industry and commercial" successfully. |
PDF Full Text Request