Construction And Implementation Of ERP Security Management System

With the rapid development of computer application technology,the scale of enterprise is expanding and the structure of enterprise information management system is complicated.The defects of the traditional information system authorization module are exposed: the authorization management is complex,the authorization method is single,and the fine-grained permissions are not well controlled etc.At the same time,along with the increase of the number of employees,The management system cannot track the root cause of the probability of errors in business logic errors due to employee inadvertent operation is greatly increased.So it is very important to build a safety management system that can be flexible to manage different granularity permissions,and respond to changing corporate needs having good development.For the above problems,the system construction is a combination of role-based Access Control(Role-based Access Control,RBAC)model and the property of Access Control(Attribute-based Access Control,ABAC)model,the characteristics of the two models.In this paper,a role-based access control model is proposed,and the properties,rule definitions and model building processes of the extended model are given,a variety of different granularity control functions are realized on the basis of model theory as well.The system login module implements single sign-on and timeout heavy logging mechanism to make the system more secure.System in OFBIZ(Open For Business Project)framework defines the user events on the request rule,unified event request entrance,build events data dictionary,realizing the user use the record function of the system that can monitors the user's use of the system,and providing the wrong way to track the system business logic errors caused by the user's inadvertent operation.The system implements integrates the OFBIZ component design ideas and the modular layered implementation ideas into the overall architecture of the system and the implementation builds of individual modules to make the system has good maintainability and extensibility,which can meet the needs of enterprise complex and diverse information security management.