Design And Research Of Access Control Authority Management For O-TRBAC Model In The PLM System

With the rapid development of computer technology,the access control technology is becoming more and more perfect,and the access control technology has been applied in more and more fields,including military,commercial or business management system.Access control technology is an important guarantee for data sharing between enterprises and enterprises,and is also an important support for the protection of data security.PLM system is a common management system in small and medium enterprises,its core idea is based on product life cycle,from the research and development of products to the end of the product.The advantage of PLM system is that it can integrate the information resources related to the products and integrate the resources.The system combines with the access control technology,defines the relevant constraints,sets up the access rights of the system,so that the system resources are properly protected.This paper based on the actual needs of a part of the company's manufacturing PLM system in Changchun,the research of the system configuration and authority management.The work of this paper is summarized as follows:(1)This paper summarizes the characteristics of the management system of small and medium manufacturing enterprises and the requirements of security,and analyzes the advantages and disadvantages of several mainstream access control models.(2)Combined with the development trend of access control technology,the advantages of RBAC model and TBAC model,and the demand of PLM system,proposing a new model of enterprise system privilege management based on organization structure,task and role,which supports dynamic and static authorization,this model is O-TRBAC(Organization-Task-based Access Control)access control model,the basic elements and ideas of this access control model are described in detail.(3)Based on the O-TRBAC model,developed a complete access control mechanism.including user management,definition and division of roles,authorization management and content according to the project life cycle dynamic allocation of authority,and set the object of resource access level,the inheritance of virtual character adds constraints,and according to the controllable range and attribute of the authority,the granularity level is divided,the validity of the data and task is defined as time,so these methods can achieve efficient,flexible and secure rights management.(4)This paper gives the details of the configuration and management of rights,including the application framework,development platform selection and database table structure.