Research And Implement Of The Improved RBAC Model In Centralized Rights Management System

In the adopted security measures currently, rights management plays an important role. Rights management is the basic part in the whole system and it is the core of the service control management. Its security, efficiency and stability influence the normal operation of the whole system. Access control means providing appropriate controlling and protecting measures for the resources of the computer systems when confronted with operational threats that are not authorized, which could protect the information’s confidentiality and integrity. The ideology of access controlling is that only the authorized users could access to the corresponding resources. It aims at preventing the unauthorized users from using the systematic resources and the authorized users from using the systematic resources illegally. The measures to fulfill access management are to manage the users of the system. RBAC (role-based access control) is a more mature access control model. It achieves the logical separation of the users and the authority, which makes the rights management conveniently.But with the development of the expanding internet and the service scale, the enterprises develop different service systems in different periods. These service systems have independent rights management subsystems. And reconstructions make the development cycle longer and the maintenance more complex. Users’ information is distributed in multiple service systems and that makes the management inconveniently. Moreover, users need to remember pairs of names and passwords while using the systems, which make the User Experience poor.This paper makes a comparative analysis between the traditional access control model and RBAC model (role-based access control model) firstly and then determines that RBAC model is more suitable for the developing requirements of the service systems. Secondly, it analyzes the inadequate of RBAC model in multi-service systems. And then it improves RBAC model and proposes a formalized definition, permission constraints and permission calculation. It also makes a qualitative analysis of the model’s efficiency and gives a brief introduction of security. And then, it improves the architecture designing of multi-service systems, separates the rights management from the system and comprises a concentrated rights management system, which could reduces the coupling of the rights managements part and the service part. Then it will boost the multiplexing of the rights management part. According to the new improved architecture, it analyzes the main functions of the concentrated rights management system and provides the requisite data structure and the interfaces of the main functional modules. And at last, it introduces the application of rights management based on the example of Industrial Energy information system of Henan Province that the author participated in.