| With the development of Internet technology, Open-Service,Unified-Management,Flexible-Deployment become the direction of the development and implementation of information system, at the same time, new problems and challenges have been brought to the system resource protection and access control. The traditional Role-based Access Control (RBAC) model can implement the access control policy well in closed system environment, but can't do well in open environment.Service Oriented Architecture (SOA) is a method of designing and constructing the loosely coupled software solutions. Through the deployment of SOA, an enterprise can use a set of distributed services to build application system in heterogeneous environment. In this way, it will be able to reuse the existing resource and partner's business functions to construct a new application system.This paper is based on the research of RBAC model to design and realize a dynamic RBAC component for SOA. Firstly, the component achieved the basic function modules of RBAC and through the design of internal and external interface to dynamically distinguish and manage the related requests. Secondly, it gave different access control policy according to the user's login properties. Again, the external requester use Role-Agent to get service. Finally, based on the web discovery and integration model, it registered the external services into the internal management of the component.With the design idea of the dynamic RBAC component and under the technologies of Struts + Spring +Hibernate, this paper gives a realization of the component on JAVA platform. |
PDF Full Text Request