| Access control is a measure that uses certain approach directly to limit or permit access ability and range. With access control service, we can restrict the approach to critical resource, avoiding damage brought by illegal user's intrusions or legal user's inappropriate operations. Discretionary Access Control (DAC) and Mandatory Access Control (MAC), being the two main traditional access control modes, have their own evident shortage and limit their range of appliction. In 90's, Role-Based Access Control (RBAC) techinque emerges. Owing to the concept of 'role', RBAC makes users image a certain roles, and executes access control based on a user's role in an organization, which effectively overcomes the shortages of traditional access control techinque. It can make the process of designating and executing specific policy of protection more flexible, which gives the administrator a better environment to implement policy of security. With the implementation of e-information, e-business and e-office, it is more important than before that the requirements of information resources access and content security. RBAC, as an advanced mode of access control, can support access control on the "Application Layer"(i.e. Web pages, MIS & etc.) and also include the "Transportation Layer", which can give different extent access control according to different applications. Our project designs and provides the platform of Role-based access control system, at the same time, explains relavant practical applications. Firstly, the technology background of the research and development of RBAC is introduced in this thesis. It includes the basic concepts of RBAC, technology characters, history process and the standard theory. Next, based on the specification of NIST RBAC, we provide the model of the architecture of RBAC. And next, describes the every system modles's conditions. At last, we use two typical practical applications with our RBAC system to show how to make good use of RBAC. |
PDF Full Text Request