| Rights management of information system is always an important part of security. In theory, research also has a very large number of results and models. Among of these theories, RBAC in particular almost dominated the mainstream theory. However, in our e-government, RBAC management model often can not properly reflect the security classification and the liberation of the confidentiality of business management, MAC and DAC models but in reality has been widely used.This in-depth analysis of the various application scenarios of information technology advantages and disadvantages of various types of authorization management, after summing up, starting from the Chinese semantic analysis in information systems, the use of the subject, action, object, adjective, adverbial, design authority of people, things (process),time,place (equipment), materials (resources) to form the five elements authority management system framework. Proposed information systems "policy - the token" unified theoretical model of authority. This framework will then be applied in e-government system, document management, the design of file security domain analysis method, proposed to equipment-based file security domain and range of foundation to manage the territorial security domain, to solve the security domain attributes and strategies for conflict management. And in accordance with " cipher for the application of electronic document standards" which is written by the State Administration cipher, to analyze and refine the file label in the management of the data structure. Finally the application of these theories to achieve enterprise-class electronic document management products is introduced. Comply with this theoretical innovation, framework design, application analysis and product implementation of four parts, a detailed explanation of how the theoretical model of design and application of rights management scenarios closely, and finally form a complete system of products. In design concept, this paper addresses a wide range of authorization in RBAC and the relationship between the DAC and MAC, and made based on access control list support RBAC, DAC and MAC authorization model. From design perspective, this paper clarifies the relationship between attributes and strategies that deal with the relationship between authorization and authentication. From the application design, electronic document management in the security domain is also proposed their own way, but also mastery of the product line design. And the actual product development, has also been a preliminary exploration.In this paper, e-government electronic document management has a strong practical significance for the electronic document management program to clear the entire product line of some theoretical and technical obstacles. |
PDF Full Text Request