| With the rapid development of Internet technology, more and more users start to build the B/S model of Web information systems. As the technical characteristics of B/S model itself, it determines that the web’s access control system is not strong enough, rights management is very complex. How to build safe, low complexity of rights management information system Web access management has become a modern research focus. To a certain extent, the use of RBAC model, fine-grained, uniform abstraction resource based access control, improve the security of Web information systems and the flexibility of access control authorization.The article first analyzes the different types of RBAC model and its advantages&disadvantages of expanding the model. At the same time, it analyzes the Web-based information system architecture and the general structure of the object. It references ISO1018-3access control architecture for the NIST RBAC model in object expansion, given the E_RBAC model for Web information system and its formalized description; Secondly, it designs and develops the key components based on E_RBAC model fine-grained access control system, including the ADF and AEF. Finally, the research and information management system of a unit shows E_RBAC model in specific applications, and how to achieve a uniform Web information system access control based on the model quickly.Fine-grained access control model E_RBAC achieved page element level, data access level and control level access control in the Java Web information systems, compared with existing solutions, it is finer granularity of control and more flexible licensing model. improving system security and access control flexibility greatly. At the same time, the method based on dynamic assembly make rapid development, testing and deployment with a strong applicability easily. |
PDF Full Text Request