Design And Application Of A Common Access Control-based Middleware

With the rapid development of Internet,informatization and networking of business administration become popular in a growing number of enterprises.No matter for small companies or large multinational enterprises,they all built a whole set of information management platform gradually.No matter which information platform,there are complicated questions about the background management of data resources.The working methods and processes are always in the process of improvement,thus the business system is changing continually.Source code is required to be adjusted and the project has to be deployed again with every business logic change and access rules,thus the later maintenance cost will be increased and the system stability will be reduced greatly.In this paper,the access control module will be extracted from the enterprise system to make a solution for a whole set of data resources.The target of this paper is not only for enterprises' development,but also providing service for enterprise when building the software system.The solution is described as follows:1.This paper is based on the RBAC model,compared with the theory of Auth identification,introducing the thought of rule engine identification,realizing the decoupling between the user and the relation access control,as well as the combination between roles and the rule engine,to reach the flexible control between the function privilege and the data authority,and to final make a universal middleware system of access control.2.In the light of the rule engine in the application of system model,Rete calculation is analyzed in this paper,and a simple optimizing about Rete calculation is made,so that the Drools rule engine can play a better role on the middleware system of the access control.3.Combined with component-based development and in the light of the improved access control model,the whole access control system will be grouped to the function configuration component,rule configuration component and access control component according to different functions in this paper,to finally realize the systemically universalization,platformization and modularization.Using the access control-based middleware in this paper,no matter how the business rules change,the developer only pays attention to the business rules.The access control for the data resources can be managed by the administrative staffs flexibly,so that to lower the cost of system development,and also can improve the stability of the enterprise information system.