Dense Identification System Based On Multi-granularity Access Control Design And Realization

The information technology develops rapidly in the 21st century, and paperless office is becoming a trend. With the extensive application of electronic documents, a large number of classified information or sensitive information are in the form of electronic documents in many levels of government and military research institutes and other departments, so the security of electronic document becomes an issue. The existing management of paper-based document can not manage electronic documents effectively. We need to draw on the advantages of the existing maturity management of paper-based document, research for techniques of security management of electronic documents.Firstly, this thesis gives a brief introduction and analysis of domestic and foreign research of authentication technology, access control technology and electronic secret level marking technology. Through the market research of current document protection systems, this thesis introduces their advantages and disadvantages respectively. These systems can not mark the secret level explicitly and control the access according to the secret level marking. This thesis is committed to solve this problem.Secondly, this thesis gives a detailed presentation of the current mature access control models, and analyses the advantages and disadvantages of these models. Through drawing on the advantages of this access control models, combined with the practical application environment, this thesis designs a multi-granularity access control strategy and this strategy is applied to a practical system.Finally, this thesis designs and implements an electronic secret level marking system based on multi-granularity access control. The system consists of three parts: the system client, security server and management client of security server. The system client consists of Microsoft Office AddIn plug-ins and Secret Level Marking OLE control. There are a relational database and a level database on the security server. The management client is responsible for managing the security server database safely, conveniently and remotely.In this thesis, I design an effective management strategy of secret electronic documents, and develop a practical application system basing on this strategy. This system can mark the secret level explicitly and control the access according to the marking. This thesis resolves the security management issue of secret electronic documents successfully, and it has an important significance to managing electronic documents in many levels of government and military research institutes and other departments.