Role-Based Access Control Mmodel And Research In Library Management System

Access Control(AC) is an important mechanism of Information Security(IS) As time goes by the traditional AC models,such as Discretionary Access Control(DAC) and Mandatory Access Control(MAC),no longer satisfy the newest requirements and standards ofIS.But the role-based access control model can effectively overcome the limitations of the traditional AC models,and provide a safer access control strategy.The paper studies how to build a perfect model of Role based access control and design a reasonable application framework based on RBAC model theoretically and practically.The paper first introduces and analyses several typical models of Role-Based Access Control:RBAC96,ARBAC97,etc.Then,introduces and analyzes the RBC96 model and ARBAC 97 model in detail.By pointing out the deficiency of models of RBAC96 and ARBAC97,the paper has put forward four improved methods:First,the way of the improved role inheritance relationship:By dividing permission into common permission and private permission,while introducing common inheritance and general inheritance,the paper solves the problem caused by private role.Second,the way of improved role permission redundancy:the paper introduces the branch parameter and virtual right of the object and the subject,and then by abstracting and classifying them,we can reduce the waste of roles.Third,the way of improved principle of Least Privilege:the paper presents two methods of implement of principle of Least Privilege:(1)we can separate risk permission from general permission and treat it by a special process,(2)we can limit the hierarchy of role inheritance.Forth,The improvement of segregation of duties:To establish the role of auditors, the administrator for the user or the distribution of roles for the role of the distribution of authority after auditors must be approved to take effect.By synthesizing the three improved ways,the application framework found on the improved BRBAC model,referring to the access control framework of IS0 10181,is given,and its designing technology is probed into in detail,it mainly includes:the application system framework based upon BRBAC model,The authorization management model,the designing of various of modules of Role-Based Access Control.Then the paper implements various of modules of Role-Based Access Control:the management of permission,the management of role,the management of user,it also summarizes the specialties and advantages of BRBAC.Finally,the paper takes examples of application system framework based upon BRBAC model on Library Management System,and we implement the BRBAC model in Library Management System by the way of improved role inheritance relationship,the improved role permissions redundancy,the improved principle of Least Privilege,and the improved segregation of duties,Completed BRBAC role-based access control model in the library management system.