Research And Implementation Of An Improved RBAC Permission System

Posted on:2008-03-23

Degree:Master

Type:Thesis

Country:China

Candidate:Y M Xing

Full Text:PDF

GTID:2178360218952511

Subject:Computer software and theory

Abstract/Summary:

PDF Full Text Request

With the development of the Internet and information technology, the enterprise information systems have gotten more attention and are being used more as applications. The strict security access control of the system is critical to its implementation due to confidentiality and sensitivity of the data involved.The main research content of this thesis is as follows:Systematical researches on the access control technology, RBAC models, role-based delegation models, summarizes characteristics, advantages and disadvantages of them.Designs a hierarchical permission system, the main design work is as follows:Improves role-based delegation models, presents a synthetic role-based delegation model.Realizes a data permission model based on RBAC and two implement methods of data permission including data node authorization and query factory authorization, uses hierarchical model to control user's query result, this hierarchical model includes Global-Data, Dept-Data, Other-Dept and Only-Self.Presents a flexible way of authorization including role authorization and user authorization, loading all available permissions for one time when user logins in system.We use the cache technology to enhance the access control decision-making and the implementation efficiency of system.We divide three kinds of the special permission users: system administrator, system security administrator and system audit administrator. Realizes special permission separation and satisfy least permission principle of security system. Uses hierarchical authorization for special permission users instead of concentrated authorization of traditional RBAC models in order to satisfy hierarchical organization chart of large-scale enterprise,Hierarchical permission system has been implemented successfully in marketing operation platform of a large-scale enterprise group.We use advanced MVC design model ,spring+struts/webwork+ hibernate development framework, we also demonstrate that the scheme is feasible in large enterprise information systems.

Keywords/Search Tags:

access control, RBAC, role, hierarchical permission system, permission delegation

PDF Full Text Request

Related items

1	Research Of Role-Based Access Control And Its Application In CAD Collaborative Design
2	Research On Access Control Mechanism In Information Systems And Its Implementation
3	Study On Delegation Model In Access Control Systems And Its Implementation
4	Research And Application Of Permission Management Fine Granularity RBAC Model In PDM
5	Research And Application Of Extended RBAC Model On The Permission Control
6	Design And Implementation Of Permission Management Subsystem Base On RBAC Model
7	The Research And Implementation Of Permission Management System Based On RBAC
8	Research And Implement Of RBAC Model On User Delegation Mechanism In ASP Pattern
9	Investigation And Improvement Of Role-based Access Control In CSCW
10	Research And Application Of Role-based Access Control