The Research And Application Of Role-Based Access Control System

The access control is the main strategy of the network security guard and protection, which guarantees that the illegal use can not visit the network resources. It is one of the most important core strategies of guaranteeing network security. The traditional access control can not meet the increasingly secure need. The Role-Based Access Control (RBAC) technique introduces the role concept. Owing to'role', RBAC makes user image a certain role and executes access control based on a user's role in an organization, which effectively overcomes the shortages of traditional access control technique. It can make the process of executing specific policy of protection more flexible, which provides a better environment to implement policy of security for the administrator.The dissertation analyses three popular technology of the access control, especial the role based access control model (RBAC model).Then it analyses the concepts and elites about the RBAC96 model in detail. Based on the analysis,this dissertation proposed an extended RBAC model. Now the quantity of users and roles in management system is more and more as the scale of the system is bigger. The user-role assignment is harder, so the administrator will have more work to do and Access control will be inefficient. For this condition, this dissertation adds the definition of"group"to RBAC model. RBAC model has not auditing function: the operation of authorized users will be not restricted. The authorized user can do anything within his authority. For this condition, this dissertation adds auditing function to RBAC model. This dissertation introduces the formal definition of the extended RBAC model and discussed the group and auditing in detail.At the end of the dissertation, introduces the application of the extended RBAC model in college automotation office system. The design of the access control model, user management model, role management model, privilege management model in access control system have been discussed in detail. At last the dissertation this dissertation introduces the implementation and running of the access control system.