| As the popularization of internet, web information system has being an important way to efficiently process information. As the guarantee of information security, access control has been paying more and more attention.Access control model which is the theoretical basis of access control has become an important research subject. This article summarizes the mainstream access control technologies in current information systems including Discretionary Access Control (DAC), Mandatory Access Control (MAC) and Role-Based Access Control (RBAC), and analysis the advantages and disadvantages of these access control models, focusing on analysis of role-based access control technology. In the Role-Based Access Control model, the users of the information system are assigned different roles according to their functions and positions, in order to reduce the complexity of authorization management and reduce management overhead. Based on the analysis of the requirement of the network file service system, this article points out the disadvantage of the RBAC model, then proposes an Improved-RBAC model. User and resources are tied in this model in order to overcome disadvantage of the original model, the performance of the system is improved because of this. The concept of the operation-role set is introduced in this improved model, making it more convenient to grant privilege to roles and accommodate to people's pattern of privilege management. This article also introduces the design and implementation of the improved RBAC model in network file service system. |
PDF Full Text Request