| The security issues concerning electronic documents have become an important subject in the area of information security when they are used as a main information carrier in today's society. This thesis is about the access control mechanism of e-documents.In the information age, when it comes to information security, it is not only about physical space, but also cyber and electromagnetic space. The security issues have extended from that of the information content to the system, infrastructure, communication and perception. And the management is exercised through more than administrative measures, but supervision over personal behavior, technology and security policy management, risk assessment and information counter measures. The current e-documents protection mechanism works through encryption, format conversion and supervision over network protocol. Due to a lack of dynamic deployment control mechanism, privilege disorder occurs in the case of a great amount of documents and security problem would even be incurred. This thesis tries to resolve the issue through a policy based on access control and evolves around the following points:First, it designed a role-based access control model based with the function of context-awareness. The model can adjust user privileges according to the context derived from application environment, which not only makes up the defects exhibited by the role-based access control in dynamic systems but also supply a more convenient user management.Second, it applies technologies including data transmission and Windows Transparent Encryption and Decryption to establish an e-documents security control system, including a systematic plan, role, user, group and department management.Third, deployment and testing are carried out to show its operation stability. A flexible and granular access control is guaranteed when effectively reducing e-documents disclosure. |
PDF Full Text Request