| With the development of society informatization, security technology of information system becomes one of the research hotspots. My thesis is to develop a universal access control system, which can not only satisfy all application systems requirement, but also support different database storage.This dissertation first provides the technical background for FlexPMD(Flex Privilege Management) system, a universal privilege management system platform, by introducing access control technology, Windows security subsystem and correlative background knowledge of LDAP.In the following chapter, the article brings forward structure design of universal privilege management model. It proposes a general security management model based on Windows security subsystem and RBAC model. According to different circs, we store privilege information in subjects or objects. And privilege control can also be accessed initiatively or passively.In chapter 3 and 4, the article writes out the structure design and implementation of FlexPMD. First of all, it introduces the original system structure and the structure map. Then it proposes the idea of storage based on LDAP, OODB and RDB and shows the implementation of the privilege management model in every particular. At last, the article shows the strength and weakness of these three feasible solutions by comparison.The access control system based on LDAP is detailed explained, for it is the most difficult part in the whole system. Referring to the original design, we have adopted newly designed data structure and algorithm, which took great effect later.Finally, the author summarizes the disadvantages of current FlexPMD system and points out the future direction of the system. |
PDF Full Text Request