| In recent years, the world's running into the era of network economy, the e-commerce has close relationship with the daily life of every individual. With the rapid development of e-commerce, its security problems will become increasingly important. Access control technology, which is a very important aspect of e-commerce security system, has been widespread concern. A study on the access control model has a very important theoretical significance and practical value.In role-based access control (RBAC), permissions are associated with roles, and users are made members of roles thereby acquiring the roles permissions. The authorization for system' user can be very flexible; it reflects the thinking of the minimum authorized. However, in practical applications, especially in cross-system and multi-user e-commerce systems, the number of roles and permissions will be very large. So how to manage a large role database and how to update the relation between roles and authorities for satisfying customer needs has become a very big problem.For features of cross-system and multi-user e-commerce, this paper deeply studies the role-based access control model, and puts forward an improved model of RBAC. This paper defines in detail concepts and rules of the improved model and achieves its description of XACML policy language. On this basis, it uses Java language to implement the main module of this improved model of RBAC. |
PDF Full Text Request