| Web application has been widely used nowadays, coming down to everybody's everyday life, work and study and playing more and more important roles. It is rather common to discuss with others on the internet, to buy something on the web. Most corporations use web application to implement office automation and do business with other corporations. In all these kinds of network activities, it is crucial to protect important resources such as personal privacy and trade secrecy. Unauthorized access and illegal destruction must be forbidden. Broadly speaking, access control is to prevent unauthorized intrusion, including user authentication, permission granting, and the audition of action. In the field of modern financial information, all kinds of financial activities, for example, the currency issue, circulation and return, money lending, foreign exchange, gold and silver trading of various securities, the issuance and trading, bills discounting, trust, insurance, etc, would make use of information systems. Many resources in financial information system needs careful protection as an illegal intrusion would cause significant losses. Therefore, research on financial information system access control is of great significance.The article describes the basic concept about access control, design principle and some widely used model and framework, including mandatory access control, discretionary access control, and role based access control. It will focus on the basic characteristics, the general applicable environment, the implementation and the negative impact of role based access control. Based on the project feature of compliance reporting system, design the access control mechanisms, including identity authentication, page access control, RCP alert receive permission grant, password management, dynamic navigation and so on. |
PDF Full Text Request