The Design And Realization Of Access Control Strategy Based On Credit

Abstract:Along with the network technology and the information technology development, the management information systems of the company and the enterprise have some few features orienting to the public access through internet. However, because of inherent safety of network, how to ensure the system information security has become a key problem. Access control is an important technical means to ensure the information safety stored in the computer system and network system, and which is a key step to control resources visitor access to the resource, effectively inhibits internal information disclosure due to legitimate users access resources with illegal target, and reduces the network security threats from the interior of computer system and network system. However, the current access control technology has common shortcomings, the main reason is due to that the user authority was relatively fixed once distributed. In addition, the illegal access behaviors of legal user’s lack of control, resulting in a low actual effect of access control, and authority distribution is not flexible enough. So, these factors serious impact the information security protection quality by access control technology.In order to solve the existing problems, this paper introduces the credit mechanism into the traditional role-based access control strategy. In this new method, the credit mechanism can be dynamically adjusted according to the resource visitor’s access behavior, we design related credit reward and punishment mechanism to control access behavior. The novel design access control strategy based on credit and role is proposed. The main work of this paper includes the following aspects:(1) Study the access control technology in-depth, including the basic concept, research status and direction of development were discussed in this paper;(2) Study the credit model, proposes the general model of credit access control strategy based on credit, and give the related realization mechanism;(3)Give the detail designing scheme of the credit based access control policy, and give the related database design, module design and the actual operation process;(4)Apply the credit based access control strategy into the actual tobacco management information system, and the system test results show that the proposed design strategies are correct and available.