| With the widely using and development of Enterprise Information Systems, people look more important upon the security of system gradually. Access control technology is the key factor of solving security problems. At present most of Enterprise Information Systems adopt traditional methods including Discretionary Access Control (DAC) and Mandatory Access Control (MAC), which have some deficiencies. This paper theoretically and practically studies Role-based Access Control (RBAC) in Enterprise Information Systems.We analyze RBAC concept model, compare it with traditional access control scheme, and demonstrate the necessity of implement RBAC in Enterprise Information Systems. We point out the deficiency of model by discussing the characters and security requirements of Enterprise Information Systems. Then we propose an improved model by adding dynamic constraint on role, which can control the users' data access range. According the improved model, we design the scheme of RBAC implement, which includes dividing roles, assigning permissions, session management and RBAC administration. We summarize the specialties and advantages of RBAC in Enterprise Information Systems. Finally, we take examples of "System Development of CIMS for ShuiKouShan Nonferrous Metal Limited Company", which was mandated by Hunan provincial Scientific Committee as key project, and specifically expound the course of analyzing, designing and implementing RBAC scheme in Enterprise Information System. It also demonstrates that the scheme is feasible in Enterprise Information Systems. |
PDF Full Text Request