| With the development of internet and information technology, people are making full use of information and resources of internet. However, the information security problems have become increasingly prominent. As to the problem of network attack, illegal invasion and so on, this paper designs a secure transmission and authorization management system which based on the improved RBAC model.To begin with, according to PKI principle, a secure transmission channel has been established. The channel combines the digital certificate issued by Certification Authority and SSL protocol. The characteristics of rapid speed of DES algorithm and key flexibility of RSA are add into the realization of channel. It realizes the identity authentication of users and encrypted transmission of information in security channel. In addition, according to the model of RBAC96 and ARBAC97, DRBAC right management model which is based on the department structure is proposed. The model uses the technology of Struts framework and the principle of right set. It can set up the department according to the requirement of practical application system. The rights of specific role based on the department rights set. The new model achieves the dynamic allocation and peel of rights. At the same time, it also attains the distribution and concentration of rights management. Thirdly, AOP programming technology is joined in the system to implement the log audit system. It takes advantage of the post-notification to record the legitimate access information. It also makes use of around-notification to record illegal access information. The illegal access analysis can get the dangerous user and sensitive path. On the analysis of dangerous path, log audit system can find danger users belong to this path. It provides further protection for the system security.The system provides a good solution to the problem of identity authentication, date secure transmission and access control in network. |
PDF Full Text Request