| With the rapid development of network,security issues become more and more important,but the security problem is not limited to network security,content security is becoming more and more important,design a reasonable content security privilege management system,which has a very important significance.Content security privilege management system,in essence,is to have access to the restricted requirements and the need to ensure the security of the content to do the right storage;the right to match;the authority of the query,forwarding,revocation,update and other functions.The content security system must be able to support the existing management system,including the content classification management,the document life cycle management.Be able to support the existing application systems,applications often already contain a large number of content needs to be protected,content security system must be able to support both applications.The deployment of content security system and the existing application combination,can not cause serious impact on existing applications,can not terminate,change the existing applicationsAt present,the system has a similar design and architecture,but some problems,such as the separation of authority,security,the interaction between nodes and so on.The purpose of this paper is to design a content security authority management system,which can comply with the following design principles:The use of convenience,in the daily work of users need to frequently access the content security system,the authorized management tools will greatly enhance the availability of content security system.The variability of the application and content security system in the specific application will present diversity.In the condition of permission management subsystem must be able to and application of the original authority management system for linkage.The variability of the application and content security system in the specific application will present diversity,for example,the OA system,file system,sharing center access system for the provision of services,the future may also access other systems.Privilege management subsystem must adapt to this diversity,in the condition of permission management subsystem must be able to and application of the original authority management system for linkage.To achieve the following key,query access and synchronization services,including query access,forwarding permissions,access synchronization,permission to update,update permissions caching,revoke permissions;access adapter service,including local node priority adaptation,collapse node priority adaptation;and decryption service.In terms of privilege isolation,security,interaction between nodes,service performance and other aspects to make optimization. |
PDF Full Text Request