| Since from 90's,RBAC has been developed deeply and extensively to improve the security of access control.However,the traditional RBAC model has no audit to user's privileges,so it cannot find out the root cause of access control problem,which makes network security manipulation exist defects,and which decreases the security of access control.To solve this problem,we improves the standard RBAC model.The model decreases the complexity and the defects of access management by introducing user group.And,by introducing audit,we prevent the illegal operations by legal users,and we improved the security performance of access control.We introduce user group according to the common attributes and it's difference with the role's definition to implement to manage the privileges of the access control simply and effectively.Meanwhile,to decrease the possibility of incorrect and spiteful operation,we need to monitor and control user's privileges.So we introduce audit to improve the efficiency and correctness of operations.We design and implement the improved RBAC in the Dalian Municipal Public Security Bureau Online Combat System.We implement the model's access control strategy by designing its elements and functional areas.The system conquers the defects of traditional access control model and makes the management of access control more flexible and convenient.Even though when it has problems,we can find out its root cause.Finally,on the basis of Dalian Municipal Public Security Bureau Online Combat System, we test the performance of the improved RBAC model and get good result. |
PDF Full Text Request