| Access Control is used to make a restricting to the source in a software system; so that these resources can only be accessed by the user who has the corresponding privilege. This article makes some researches on how to enhance the access control with RBAC model and AOP technique.Role-Based Access Control (RBAC) introduce the Role into access control, the privilege is assigned to role, then access control can be managed easily by assigning the role to user and the inheritance of roles. Although the RBAC model is well accepted, it turns out to have some problems in practice. For example: in RBAC model, a high security needs a small granularity of access control. Then, all the components in the system need to be inserted the function of access verify, which will lead to a bad structure and is difficult to manage. Such a problem can't be solved by a separate object in OOP, but it is fit for AOP.Aspect-Oriented Programming (AOP) is used to separate the behavior, which crosscut many component of the system. These behaviors can be implemented separately. By such approach, instead invokes the access verify function by component, the function is triggered automatically. Then the access control can be scattered into the components of the system, and enhance the safety of the system.This article makes some analysis to the implement of AOP in the Spring Framework, and uses a living example to illuminate how to improve RBAC model by AOP, so that the system has a little granularity of access control and the safety of the system has been enhanced. |
PDF Full Text Request