Research Of Access Control Authorization Policy Of Data Security Management System Based On DRM

With the development of internet and computer science , more and more important business data stored and transmitted in the network ,due to the lack of security mechanisms, data resources can easily be copied and tampered ,which brings a large amount of secure threats. Digital Rights Management provides a promising solution for the protection of data security, with the use of encryption and access control, enable the authorization of data access. However, there are many deficiencies in the existing DRM system, such as the unclear division of authority, authority to set unreasonable, etc., which problem is going to be solved in this paper.This paper designed a DRM-based data security management system, focusing on the access control policy implementation. Through researching the key technologies of DRM, we design a DRM-based data security management system (DSMS). Through analyzing DSMS and the existing access control model, a Subject-based Access Control model (BSAC) is proposed. At the end of this paper, we design and implementation the access control module of the DSMS.The main work can be summarized as follows:Firstly, we design a DSMS system based on the DRM technology. The DSMS realizes to protect the digital data without change the original format of the file and the usage of user, and realizes the access control through the use of DRM technology, such as encryption, authorization, authentication, audit, process control.Secondly, this paper proposes a BSAC access control model, and design the strategy description language of BSAC model based on XML language. The BSAC model is based on subject, which contain user, role and group. We deliver the role into the tree structure and form a role tree, it makes the permissions inheritance and the partitioning grades of authority more easily. The using of the role tree improves the flexibility of authorization. Through the research of the strategy description language based on XML language, it makes the understanding and realizing of the model easier, and provides a powerful support to the realization of the authorization system.Finally, we design and implementation the access control module of DSMS based on BSAC model. This module can be used in different scene through the control strategy of the authorize engine, it makes the management of data security more extensive and flexible.