| As the rapid prevalence of Information Portal, access control of portal resources becomes more and more important. Traditional access control methods no longer satisfy for the needs of today's Portal Application System ,Role-Based Access Control (RBAC) , which will lower the burden of authorization management and provide a security policy consistent with the organizing structure of the enterprise, becomes a main method to resolve the safe access control for Information Portal global resource.According to the characteristics of Portal System, the paper provides a RBAC model based on the analysis of RBAC96 model and ARBAC97 model. Then, the application framework found on RBAC model, referring to the access control framework of x.812/IS0 10181, is given, and its designing technology is probed into particularly. The most important members of RBAC model System component include authentication service, access control server and access control system. Access control server provides files of user faced access control rule for application systems. Actually, it is a rule file library. The authorization management mechanism provided by access control system implements the authorization management between users and roles and between roles and authority. And it implement the inside cache RBAC model and the middleware technology.This RBAC model materializes the main characteristics of RBAC96 and ARBAC97 model, and it can satisfy application requirement of Information Portal. The model can commendably realize the universal resource access control in enterprise environment. |
PDF Full Text Request