Research And Implementation Of Access Control Based On Dtrbac In Collaborative Commerce

The environment of collaborative commerce platform is so complex and changeable, and it relates to so many users and resources, that put forward higher requirements to access control technology.Because of the difficulty of permission management and the needs of dynamic authorization, this paper presents the dynamic authorization DTRBAC model by improving existing models. Then we Design and development one permission management system based on the model.The testing and using of rights management verified the reasonable of the DTRBAC model as well as the applicability in large-scale collaborative commerce platform.This paper firstly introduces the background of the collaborative commerce and the development of access control.Existing access control mechanisms and models have their respective strengths and weaknesses and scope. Secondly, this paper explored the characteristics of large-scale collaborative commerce platforms, and pointed out a variety of deficiencies of Existing access control mechanisms and models, such as permissions are pre-defined, static and centrally-managed, user management is difficult, the confusion role hierarchical relationship, heavy workload of management and maintenance etc..According to actual security requirements of large-scale modern enterprises, this paper proposed the following improvement ideas:(1) Introduced the concept of department, make the role hierarchy mapped the organizational structure of the enterprise, the result is the role easy-to-manage.(2) the using of distributed permission management mechanism, introduced the concept of a department-level administrator, who has certain administrative privileges, which can not only reduce the workload of system administrator, but also prevent his fraud to some extent;(3) verify the workflow history information, not only to meet the demand of enterprise’s one more post, but also to prevent the fraud of those users with multiple roles in the same amount of business;(4) detailed design of dynamic authorization process in collaborative commerce platform, not only to achieve a reasonable degree of fine-grained access control based on the actual security needs, and to meet least privilege principle during the dynamic authorization process.Combined with the above improvement ideas and existing TRBAC model, this paper presented the Dynamic Task and Role-Based Access Control model, gives detailed formal descriptions of all entities, the mapping relationship between entities. The verification of the separation of duties introduces the verification of workflow history information, and describes the steps of the improved authentication algorithm, and the dynamic authorization process of DTRBAC in detail.Based on improved DTRBAC model, combined with the actual security requirements of Zhejiang Province Scientific and Technological project "industrial the cluster manufacturing services critical technology research and application for lace industry", this paper develops an permissions management system for collaborative commerce platform for the lace industry, which with a friendly interface to permissions management, realized its main module. The testing and using of rights management verified the reasonable of the DTRBAC model as well as the applicability in large-scale collaborative commerce platform.