| Information security is an inevitably problem of network application. Under modern network environment, network is used more and more widely, so this problem is becoming more immence. There are two way to avoid losing of enterprise for information leak with the prevention of unauthorized use of a resource, and the prevention of use of a resource in an unauthorized manner.The Privilege Management Infrastructure is such a comprehensive security scheme to provide the above services .PMI provide authentication service and access control service simultaneously. A existing PKI system can provide the authentication service. The access control service need implement administrative function according to selected access control policy and model, further step is to provide access decision function upon such administrative function.Nowadays more and more organization take Role based Access Control policy in their application. To implement a RBAC system, need to choose a RBAC model then work out the RBAC access control API. These API can act the administrative role to asserting that a subject should be granted a set of privilege attributes and act the operational role to allow a subject to access a resource after determining that he, she, or it has been granted the required set of privilege attributes in a PMI system also. |
PDF Full Text Request