Research On The Application System Based On RBAC

The security of information and network is becoming more and more important as the high speed develop of computer technology.Bugs of the system are found everyday and the packets are developed to make up them. It makes the Operation System more friability, beatable, and broken into. It is urgency to make the information more secure. The standards makes 5 levels of security, ID authentication, Access Control, Information confidential, the integrity of Information and nondeniable service. This paper introduces the technology of PKI, PMI and RBAC especially introduces the defination of the role under the 5 services, and do some research on the standards and models of Access Control. I provide an example of using RBAC which is a test system through the network. At the end, I provide the designation of an application system by using PKI, PMI and the latest technology of RBAC.PKI is a commonality system providing Security Service by using certificates which contain the public key and user information through the Third Trusted Party CA based on the Public-Key Cryptogrophy algorithm and technology to implement the anthentication on Internet. There are many common ground and differentia between PKI and PMI. Public key certificate is used to anthenticate the users' identity thouth the public key and the users' information. PMI is used to authenticate the users' right so that we can control the assess of the users'. In 1990s, the scientists began to research on RBAC for controlling the information just accessed by user' that allowed to. The primary research of RBAC is how to design the role of the users in the construture to decrease the complexity on authorizing and to decrease the cost on management and to provide an much more simple envirment to implent authorizing.In this system, we put the server of PKI, PMI, Web, and resource into a LAN by using firewall and Access Control Gate while all the user must be out the lan.All the resource access right include PKI,PMI and WEB are distributed by the server RBAC. And when transmitting resource though the resource server and the users, we must build a secure transmit channel to stop the interceptting and falsification. And we put the encryption and decryption doing on the resource server so that the Access Control Gate should not be too busy. And because the resource server should be more than one, so they can should do the work together. If needed, we can using the server of encryption and decryption so that we can process the resource by the encryption when transmitting the information.At last, we raise some hope to the PKI,PMI and RBAC by conclution the designation of the system.