| Nowadays, multi-application-layers structure have become the mainstream instead of the single-application-layer structure in ERP system, because the former conquers problems such as data expression,data access of single-structure application, and the reuse,maintain and extension troubles of coupled business logic which are caused by the latter. However, to the term of system security, the more application layers, the more secure problem occurs, and also brings more difficulty management of the system security.In the field of security access control, Role-based Access Control (RBAC) becomes a major security technology in ERP system because of its agility and facility. But, its study emphasizes on the restriction and relation of roles, not the application in multi-application-layers system. So, the present RBAC models are not fit for multi-application-layers system to protect the system resource privileges lay in different layers. Multi-RBAC, a RBAC model that can apply in all application-layer is presented.This paper concentrates on the application of RBAC in multi-application-layers system, and covers these facets from the presentation of the application theory to its application design and implement. First, Multi-RBAC, the theory Model of the application of RBAC in multi-application-layers system is presented, as well as the relative research of the J2EE application and Oracle database. Second, based on these theories and for Oracle9i and BES6.5(Borland Enterprise Server), an application is put into practice which includes database design,web container design and browser design. Last, the theory model and the application are combined into the TETCERP's security management subsystem, and then describe the implement of the subsystem by analyzing software's function modules. TETCERP security management system has seven subsystems; each subsystem is described in detail by its function and the way of its implement and also by their logic relationship. |
PDF Full Text Request