Research And Application Of Access Control On Research Project Management System Based On SaaS

Cloud computing rise ceaselessly in recent years, the SaaS mode was proposed and used to solve the one-to-one service mode in traditional research project management system. But under the premise of ensuring the flexibility and safety, how to solve access control in the system and between the SaaS provider and tenants is a new problem. Aiming at these problems, this paper proposed that make research project management system combined with the SaaS service mode, improved the utilization of the system and realized the flexibility. At the same time, put forward improved access control model.This paper conducted detailed characteristics analysis to research project management system based on SaaS mode, and expounded that the system has a large amount of business, and need to configure flexible, which lead to the excessive complexity of access control, easily lead to the inconsistency of permission management, then cause conflict. This paper proposed improved TRBAC model, and named SRP-TRBAC. This model retains the advantages of the TRBAC model’s dynamic authorization, solved across judgment between SaaS platform and system, also solved the system security of access control in some extent.This paper mainly studied the SRP-TRBAC model which proposed for the access control of the research project management system under the SaaS mode. This model is improved based on the TRBAC. Firstly, judging and restricting the initial permissions of users through the SaaS constraint to ensure SaaS software supplier to dynamic control tenants’permission. This model added time constraint and priority attribute of task, time constraint make permission activated with activated task, and failed with failed task, and solved the security of the system which caused illegal operation, because of having too long access time. The priority attribute of task solved the problem how to dispatch different tasks for one user at the same time, solved the sudden resource scheduling problem. Besides, in order to prevent the potential security issues caused by the super administrator privileges, the model further expand the role. In addition to super administrator, added auditor and safety office to restrict each other. The access control rules of this model are consist of the minimum permission rule, privilege separation rule, time constraint rule and constraint rule of separation of duty. Limited the use scope of authority, ensured the security of the system, and flexible implement the system dynamic authorization. This model put "role" and "task" to center of access control model, the static separation of duty combined with dynamic separation of duty to analyze and test the assignment process and eliminate the conflict entities. Ensuring the flexibility and achieving accuracy of permission distribution.Application results show that the system has good configuration process and good access control method. The model improved efficiency and flexibility and security of research project management system, and achieve on-demand service.