| Through analysis of Role Based Access Control (RBAC) model and related access control system research situations, the article utilizes SSH compositive architecture and multilayered design, and constructs an access control system. It expands the application theory of RBAC model, and at the same time, makes the access control system easy to develop, update and maintain.This access control system is mainly composed of five functional modules--user management, function management, module management, role management and authority management--and four entities-—user, role, module, function--which collaborate together to grant and verify user authorities. For example, a single user can have many different roles, and many users can also belong to the same role; a module can have several functions, while a function can belong to different modules. A role can have several different authorities for different modules, while different roles can also have unified authorities.This access system not only can configure different roles according to different responsibilities of different departments, through modules and functional configuration, but also can fulfill the one-department-different-user-authorities requirements. Based on the role management, the system has module management and function management configurations, which increases the system flexibility comparing with the classic RBAC modules.This access control system has successfully applied to Jin Ling petroleum chemical company information system, and has the cross-platform virtue as the JAVA language. It can be embedded to all kinds of information systems, and through this system, the user accesses authority can be verified, and the information resources are properly protected and disposed accordingly. This is an efficient measure of protecting information system security in the application systems. |
PDF Full Text Request