Access control is an important technique for protecting system resources from access, modification and damage by unauthorized users. It is a critical part of an enterprise information system. When multiple application systems run within an enterprise, the data of those systems grows greatly, which makes access control complex and tedious. It is therefore of great practical significance to simplify the management of access control while preserving the security of the systems.

With the development and maturation of access control technology in recent years, role-based access control (RBAC) and task-based access control (TBAC) have been widely applied in various applications. However, both have drawbacks in practical use. RBAC implements access control from the viewpoint of a specific system and is not suitable for the workflow environment. TBAC is widely applied in workflow technology, but it does not support static access control. Most systems use static and workflow access control together. The model used for protecting system resources is therefore extracted from the system and built into an independent access control system that supports both static and workflow access control and works together with other application systems under loose coupling. This method avoids repeated development of this function model, which decreases the cost of software development, and also guarantees reliable access control, which provides convenience to users.

The paper proposes a distributed access control system for practical use, based on the RBAC model. The system introduces the task from TBAC and uses the .NET Remoting framework. It can also manage multiple application systems based on the .NET platform. The access control model is deployed on dedicated servers, and a unified interface is provided on the clients, which sets up a loosely coupled integrated application system from multiple systems. We also implement the sharing of users and control information, which improves the management and maintenance of the access control strategy.
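
The combined decision described above, a static role-based check plus a task-scoped check answered by one central server for several applications, as an added example that is not the paper's own code. The class and field names, the three task states and the sample users are assumptions made for illustration, and the .NET Remoting transport is left out.

```python
from dataclasses import dataclass, field

@dataclass
class Task:
    """A workflow step; its permissions are usable only while it is active."""
    role: str                 # role that may execute the step
    perms: frozenset          # (application, resource, action) tuples
    state: str = "dormant"    # assumed lifecycle: dormant -> active -> done

@dataclass
class AccessControlServer:
    """Central decision point shared by several client applications."""
    user_roles: dict = field(default_factory=dict)   # user -> set of roles
    role_perms: dict = field(default_factory=dict)   # role -> static permissions
    tasks: dict = field(default_factory=dict)        # task id -> Task

    def set_state(self, task_id, state):
        if state not in ("dormant", "active", "done"):
            raise ValueError(f"unknown task state: {state}")
        self.tasks[task_id].state = state

    def check(self, user, perm, task_id=None):
        """Return 'static', 'task' or 'deny' for one access request."""
        roles = self.user_roles.get(user, set())
        # Static path (RBAC): the permission is held through a role at all times.
        if any(perm in self.role_perms.get(r, ()) for r in roles):
            return "static"
        # Workflow path (task from TBAC): valid only for an active task whose
        # executing role the user holds. Unknown task ids fall through to deny.
        task = self.tasks.get(task_id)
        if task and task.state == "active" and task.role in roles and perm in task.perms:
            return "task"
        return "deny"

def build_demo():
    """Constructed sample data: two applications ('hr', 'finance') share one server."""
    approve = ("finance", "invoice", "approve")
    return AccessControlServer(
        user_roles={"alice": {"manager"}, "bob": {"clerk"}},
        role_perms={"manager": {("hr", "employee", "read")},
                    "clerk": {("finance", "invoice", "read")}},
        tasks={"t1": Task(role="manager", perms=frozenset({approve}))},
    )

if __name__ == "__main__":
    acs, approve = build_demo(), ("finance", "invoice", "approve")
    print(acs.check("alice", approve, "t1"))   # task not started yet
    acs.set_state("t1", "active")
    print(acs.check("alice", approve, "t1"), acs.check("bob", approve, "t1"))
    acs.set_state("t1", "done")
    print(acs.check("alice", approve, "t1"))   # permission gone with the task
```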