Research And Realization Of Authority Management Of Comprehensive Security Management Platform

With the rapid development of the network, information technology and distributed computers, more and more devices connecting to the Internet, more and more information being shared on the network, the problem of security management of equipment and information and the problem of secure access control have becoming increasingly important. On the other hand, in response to the ongoing security challenges, enterprises, units government agencies and so on, have to deploy firewall systems, intrusion detection systems, vulnerability scanning systems, anti-virus systems, etc., but these security systems are against an aspect of security threats, forming a lot of "security defense lonely islands"; at the same time, during the running process, equipment resources and security defense systems constantly generate a large number of security logs and events, forming a great many of scattered "information lonely islands", making it difficult for security administrator to identify the real security risk. Comprehensive security management platform for Information Network Center of a certain city is developed based on the above demand background, which makes security management realizing span from decentralization to centralization, and greatly enhances the security of facilities, systems, networks, information and so on.In comprehensive security management platform, privilege management plays a very significant role for access control of the system. Effective privilege management must to control the different users accessing permissions to the system module, and ensures that the system data is security and the operation is reliability. Privilege management module must have a high security to prevent the occurrence of the problems such as unauthorized using, the illegal invasion and the like, and it also should provide the using convenience for authorized users while in the strict protection of information security.This paper introduces the common access control technology, discusses in detail the role-based access control(RBAC), gives an overview and analysis of comprehensive security management platform, analyses the demands of privilege management module of the system, gives an analytical introduction of the role-based access control and authorization schemes in J2EE Web development combining with privilege management needs, provides a summary analysis of the solution adopted in privilege management of the system, and further gives the detailed design and implementation of the privilege management of comprehensive security management platform.Privilege management of comprehensive security management platform adopts the role-based access control model, makes use of Filter intercepting to carry the access control through. Dynamic privilege management makes the control of the system having high flexibility, improves the maintainability of the system, and at the same time, also reduces the development costs. Operating privileges of the functional points of privilege units being divided into read permissions and write permissions, greatly simplifies the configuration of authority.Privilege management of comprehensive security management platform makes use of B/S structure pattern, adopts the Struts open source framework achieving the MVC design pattern, distinguishes the expression layer, business logic and data layers and enhances the system's maintainability, scalability and robustness.Practical application results show that the solution proposed by this paper reduces the complexity of privilege management, has good work efficiency and good manageability. The system runs steadily, is recognized by the users and is given a good comment on the using of comprehensive security management platform.