| In the environment of the rapid development of information technology and digital technology, information systems technology has become an important strategic part of the internationalization of the business development. And it has great significance in the business development. The security of the system, in addition to be able to ensure the smooth operation of the system but more importantly, the corresponding information security plays a key role in the situation to occupy the position in the confidentiality and ensure the security of enterprise information.Based on the analysis of information system’s system architecture, implementations, business contents, working environment and system data which support the whole system, we will focus on the system’s own security and the mode to be considered from the viewpoint of the study of a common access of control security model and access pattern, regarding user access patterns to optimize the registry, information filtering, mathematical models of content-based security model as the line body, to achieve the analysis and improvement of information systems of common modes which are widely used in the current enterprises, so as to realize the efficiency, flexibility and scalability of the information systems security’s implementation.We analyze the safety model BLP and access control mode BRAC which has been generally recognized to determine the mathematical model of the information system security model. Further targeted research was conducted on these defined points of the system security model, the final determine the specific system in safe mode of the security that can be under single domain and multi-domain systems. We analyze BRAC access pattern to and determine the corresponding development model and access the form.Then, we make use of the Role concept proposed by the access pattern to build the association between the data and operations resources and the users of login.We have made the improvement combined the system security model with security architecture, we realize the main points through the program:the computer resources to be divided into operational resources and classification of data resources, reducing the number of data tables for simplified storage; propose three-tier access control model, with a purpose to achieve the split of control sections to control hierarchical authority; complete the data structure design to achieve a multi-level access control to achieve the flexibility of control; changing the way that data is filtered to reduce operation amount in the background to achieve the extraction of convenience. Then, we determine the control function implementation, thus ensure the security of the system. we finalize the specific data structures and associated table structures, and achieve implement specific procedures to verify the security mode by way of scenario testing, realize the flexibility and scalability of this model based on business needs. Finally, this paper summarizes the research. |
PDF Full Text Request