| With computer network and distributed computing technology getting more and more nature, J2EE multilayer web framework based on MVC pattern has become one of the primary architecture in developing distributed enterprise application. Patterns of network service are converting from C/S (Client/Server) to B/S(Browse/Server) or the patterns of web service architecture. Applications published follow the architecture of B/S and web service usually called web application. Nowadays the theme of the world is network. Services in fields of Ecommerce, Government, Finance and MIS etc have already provided through Internet. These services provide us much convenience in our daily lives and our business life becomes more effective with them. The network also need to address the personal privacy of the information security problem as in real life. Security problem is the hot spot either on engineering or computer science. There are so many patterns of Web Applications that we usually can't find a uniform way to approach the resolve of security concerns. In real projects we always can't reuse the code of the security aspect of early projects. Considering this, we need a security framework with the properties of light weight, scalable and extensible.In this thesis based on the requirements we integrate the model of RBAC (Role Based Access Control) bring forward a security framework with the properties of light weight, scalable and extensible. Various recourses should be assigned to roles in the form of object. User can make sure which permissions he owns to access some specific resources by right of his roles and access control policy. In thesis design of the framework always based on the real requirements and business logic it present the idea of functionalism. |
PDF Full Text Request