Access Control System Design And Development For Heterogeneous Environment

Along with the city construction of computer network and information system for many years, because of the lack of general construction plan, each information system is mostly independent system, more and more valuable resources can’t play their value, a number of data across departments cannot integrate and access, formed the information island. This topic goal is to solve the problem of the existence of access to resources, namely in the heterogeneous environment how to effectively implement the access control of resources.Firstly, combine with the actual situation of project analyzes the research background, this topic proposed the goal of this subject to access control technology research, also expounds the access control technology in the development and research status of today.Then, it gives the concept of access control, and the subject, object, security strategy has made the detailed explanation. The traditional access control models include discretionary access control model, mandatory access control models, role-based access control model for a thorough theoretical analysis and comparative study, proposes the existing shortcomings of existing access control models.Secondly, show how the existing system access to other application system resources. Then combined with the actual elaborated the characteristics of access control technology in heterogeneous environment. At the same time, it is pointed out the limits of the traditional method, and proposed the trust management method, including components and framework of the trust management, safety analysis, audit tracking method, and prominent advantages.Again, on the basis of trust management model, set up on the access control system has carried on the detailed design and implementation, including system architecture, trust certificate, local strategies library, consistency test, mandates, security, audit and other of the detailed design. The trust certificate using xml language to describe, and through the service release for the third system call access; In terms of security by the SM2 for encryption and authentication security.Finally,point out the shortages in the process of system design and in need of improvement,prospecting the development of the system in the future.