Research And Application On Auditable Role-Based Access Control Model

Currently, with the development of Internet technology and popularization of its application, it is the information times. At this time, information is the most valuable property. The people who have most useful information will succeed more quickly. Under this background, every industry has to do its information construction.Access control mode is very important on the way of informationization, especially for some information system that has large amount of users and resource. Access control is important to prevent inner information is lawlessly obtained, modified and destroyed and to prevent the system is unauthorized use. Therefore to design a stable, efficient access control policy not only can decrease the workload and mistake, elevate the efficiency but also can insure the Confidentiality, Integrity and Availability (C.I.A) of data and service. Because of Role-Based Access Control Model's powerful function and easy operation, it is very prevalent in the current day. But, traditional RBAC focused on the function of system, it can't make users'operation record auditable.RBAC's this flaw will get more obvious by the more focus on the information system's interior security.Access control and information audit of information system can be implemented separately, but both of them are closely linked with users and permission resource, so integrating them as a separate component can not only reduce system the complexity of the design, but also in line with the thinking of modular software engineering. In this paper, from a practical application point of view, firstly, carried out in-depth research and analysis on RBAC model, and then analyzed the content of information security audit, then according to the shortcoming that RBAC model can not be auditable for user's permission operation and strongpoint that information security audit can strengthen network security, it gives a new access control mode—RBAC-a model (a means auditable) and gives a detailed analysis based on characteristics of China's current college users and information systems and a detailed note on implement of RBAC-a model component in case system. Finally, the test results are given.The analysis of test results and comparison with traditional access control models how that RBAC-a model does more progress than traditional RBAC model. That is the value of this paper.