Research And Realization Of Multi-level Relational Security Access Control Model Based On Roles

Secure access control of database is always a key-point in research of databasesecure field. A high secure access control can effectively prevent destructions causedby illegal users’ intrusion and legal users’ improper operation, and it plays animportant role in large database applications. There are mainly three kinds of accesscontrol: Role-Based Access Control, Mandatory Access Control, and DiscretionaryAccess Control. Commonly, Discretionary Access Control uses authorizationmechanism of access matrix to control users’ operation of data, while MandatoryAccess Control offers a high strength secure protection by managing security level ofsubjects and objects, and follows some kind of Mandatory Access Control Modelrules. Role-Based Access Control introduces a concept of character, and subjectsobtain corresponding access permissions according to roles, so it will greatly simplifythe management of permission authorized. In order to achieve a high flexible and safeaccess control, we need to mix Mandatory Access Control and Role-Based AccessControl together, and modify the defects and shortages of the two access control, thenwe can bind them together perfectly.In this paper, firstly, we will introduce the background and current situation ofdatabase secure access control, especially analyze the MLR model with presenting itsbasic model definition and each integrity property, and display a simple example oftuples following the MLR model; Then we will take a look at the Role-Based AccessControl and find it out that how the roles deal with objects and objects; At last, byanalyze and modify the two access control models, we add Role-Based AccessControl to the modified Mandatory Access Control Model MLR, realizing ourRole-Based Multilevel Secure Access Control Model.Finally, based on our Role-Based Multilevel Secure Access Control Model, wedesigned a common and safe access control system, with control of access subjectsand roles and the management of object tables in database. Besides, we implement afunction for users to login in and test, and with each test of access control to ourRole-Based Multilevel Secure Access Control System, we got a visualizedunderstanding with the realization of access control model in this paper. Compared to traditional database systems, the Role-Based Multilevel Secure Access ControlSystem we designed in this paper is much more different. Not only that we use accesscontrol model MLR based on element level as our mandatory access control strategyoffers us a higher secure control ability, but also that the conception of role-basedleads different users with different access permissions enhances the flexibility ofsystem’s permission management.