Design And Implementation Of Fine-grained Privilege Control System Oriented To Business Process

With the continuous development of information technology in the field of human resources and social security,pension,medical,labor relations,employment and entrepreneurship,personnel and other business systems have achieved business process driven.The introduction of business processes after the social field of each system,for multi organization collaboration users to participate in a business function,operation rights not only to restrict users to participate in the management system has,but also on the operating range of data resources can access and make further restrictions.Business agency field collection and distribution complex,involves a large number of funds,with characteristics similar to the financial industry,therefore,must be assigned to the business system functions to meet the strict restrictions on the range of users,the actual business situation,in order to ensure the function of authority is assigned to the correct user,to prevent unauthorized wrong operation and handle business.A fine-grained authorization control system for business process driven,which is mainly responsible for the implementation of fine-grained access control for each business system driven by the process.In the business process driven background,combined with the organization directory,proposed business Post model,the model based on the TRBAC model,introduces the membership function corresponding to the current limiting mechanism,operation business post,can only be assigned to affiliates of the user.The introduction of virtual business organizations,limiting the current task corresponding to the function,can only operate the current business organization of data resources.With the help of the organization,it is the core problem to solve the problem that the system can solve the problem that the function of the system can be accessed by the system.Firstly,this paper first analyzes the current situation of business process and access control,and points out the key problems and innovations of the system.Demand analysis stage,through a comprehensive analysis of business processes driven by the community of the system of organizational directory management and permissions control needs,given part of the use case diagram and use case description.Combining the needs analysis and the experience of similar systems,this paper discusses the design and implementation of the system.In the overall design,the system organization type,business position model,database concept model and technical architecture are designed,and the technical structure diagram,E-R chart and organization type diagram are given.Detailed design stage,given the key modules of the system class diagram,but also on the database table structure and key interface prototype,a detailed design.System implementation and testing part of the system to achieve the use of Activiti,BPMN,work orders and other key technologies to do a detailed description and describes the key module implementation,but also from the functional,performance and browser compatibility given the System test results.Finally,the paper summarizes the whole paper and prospects the R&D prospects of the system.