| With the development of information management system turning towards multi-user, multi-application, the structure of data resources that users could access is increasingly complex and large-scale. In order to solve security problems such as illegally access or unauthorized access, access control technology is widely used in information management system.This paper focused on the role-based access control technology, the relationships and characteristics of RBAC96 model family were analyzed in detail. However, RBAC model could not be authorized flexibly, and system roles were much more than that we needed, so this paper proposed an improved RBAC model. The basic ideas of traditional access control was added into RBAC model, which could authorize users' permission directly, so a multi-forms authorization solution supporting role authorization and user direct authorization was formed. Then, the improved model was applied to real systems for realizing system permissions management functions.Finally, white-box, black-box and performance testing of the system was made, the result appeared that the software code was executable and the user's direct authority and role authorization could be accessed. Besides, a test including 200 Http requests and access showed that the average response time was less than 6 seconds, this system could respond to users'requests in real time.Experimental results show that this improved RBAC is feasible, flexible and expansible, it can protect the security of access to system resources effectively and has high practical value. |
PDF Full Text Request