The Design And Implementation Of Municipal Security Department Management System Based On RBAC

With the popularity and development of computer networks, the security issues of computer information system become increasingly prominent. Relevant security technology has become a key issue among the researchers. The access control can effectively prevent unauthorized users from accessing the protected resources and prevent authorized users from accessing the protected network resources illegally.Traditional access control model consists of: discretionary access control, mandatory access control and role-based access control (RBAC). In comparison, role-based access control composes of discretionary access controls flexibility and mandatory access control's security features, and it is an effective access control which is implemented for business-oriented security policy. Therefore, many researchers conduct a lot of studies on role-based access control, and role-based access control are universally applied as the access control module in many large-scale information management systems.With the rapid development of enterprise applications, enterprise application development often confronts the frequently changed requirements, expensive cost and difficulties in software maintenance. The design pattern is proposed in this context. Design patterns are a set of repeatedly used, well-known and cataloged code design experience. Design pattern is used for reusing code, making code easier understood and ensuring the code's reliability.In this paper RBAC model is applied as the access control module in Municipal Security Department Computer Management System, which is implemented as RBAC3 model with role hierarchy and constraints. It has increased the security of the system and reduced the system administrator's burden for authorization. Meanwhile, GoF design patterns are applied in the specific scene of the system architecture design. For example, abstract factory, singleton and strategy patterns in data access layer; facade pattern in database context; template method pattern in form resources design and bridge pattern in crystal report. The application of these models can improve reusability, scalability and flexibility; make up for the difficulties of maintaining the codes in traditional software development. Practice has proved that RBAC model and design patterns do not only increase the security of the system, reducing the complexity of the system administrator's work, but also improves the system flexibility and maintainability.