Design And Implementation Of Permission Management Subsystem Base On RBAC Model

As a modern technology, information system mainly adopts computer andnetwork communications to manage enterprise information. With the networktechnology rapid development and wide application, the security of the systemthrough the network is becoming an increasingly prominent issue. During usermanagement of large application systems, access controlling, that rights managementis particularly important. Traditional access control technology, such as discretionaryaccess control and mandatory access control, has been unable to meet the needs of theuser.Role-based access control has relatively sound theoretical basis, and accessrights management flexibility, since the introduction of the subject to the attention ofresearch institutions and scholars, and widely used. Core idea of RBAC is to assignpermissions to roles, the user who given roles will have the appropriate permissions.University Integrated Resource Management System is relatively complex, andneeds higher security privilege, the traditional RBAC model does not fully meet therequirements of the system. Role-based access control can’t solve with the same role,actually responsible for a different range or assume the business is not at the sametime, the access rights to the system should also be different. Therefore, it is necessaryto extend RBAC mode according to the needs of University Integrated ResourceManagement System in order to achieve the security and efficiency of the system ofrights management.This paper has studied a variety of rights management method, based onextended RBAC model, achieves the Permission Management Subsystem. First, forthe deficiencies of the existing RBAC model, from the main set of rights management,object set and permissions set three aspects of RBAC model is extended; followed by the combination of the demand for efficient integrated resource management systemwill be extended RBAC model is applied to the system, respectively, from the loginauthentication, rights management module, the database do the detailed design;Finally Struts Framework to achieve the rights management system, the actual use ofthe proof of the effectiveness of the system. Actual use of proven, PermissionManagement Subsystem achieves the purpose of data security and managementflexibility, and it also strengthens the information security of the entire system.