Design And Implementation Of Role-based Access Control System Based In ERP

With the rapid development of the Internet in the world, network security issues have been threaten people’s normal life, these issues become more and more serious problem. In the face of growing demand and complex business environment, the existing access control system has been unable to meet the requirements of enterprises, In view of this situation, the US National Institute of Standards and Technology(NIST), proposed role-based access control system(RBAC),separate user from the business logic,build the hierarchical relationship among the roles. Make the applications and access of system more secure.This thesis researched the original RBAC model, and basing on this put forward the role-based access control(RBAC) user access control system. Taking three functional modules(user management, role management, rights management) Of MyGs system as an example,to Do analysis, outline design, detailed design, implementation and testing for the system. In the analysis phase, establishment the use case model, the database model based on the RBAC system. During the design phase, The analysis results of the requirements phase need to be further refined. We use Structs framework of the MVC pattern in implementation phase, This framework has a typical three-tier architecture and separate The front interface(user presentation layer), an intermediate layer(business logic layer) and back(data storage layer),so front interface, the middle layer and the background can be programmed respectively,accomplish the mapping from design to codeBased on the analyses and study of RBAC(Role-based Access Control), the following several results and conclusions can be get1.Comparing with the traditional access control technology, designed a more flexible ERP ERP/RBAC model which adapted to the characteristic of the enterprise2.Separated the policy of access control from its implementation. And enhanced the security and commonality of the system3.Enhanced the of generality RBAC system, and reduced the complexity of system development. RBAC system solved all conflict under the monitoring of system management tools, system in running will not consider the problem of conflict.4.In the existing system architecture, the RBAC system took the strategy of role-based access. Which can greatly reduce the complexity of the system in terms of rights management, strengthen the security of the systemTo note is that three specific cases in this paper are myGs system modules, the system has been widely used in the enterprise, and has obtained the good effect.