RBAC模型的改进及在高校教务系统的应用.pdf

汕头大学硕士研究生论文 RBAC 模型的改进及在高校教务系统的应用 Abstract. With the development of computer and network technology, access control and implementation of authorization management has become an important topic, due to the requirements of information security. Further research and application are focused on Role-Based Access Control (RBAC), which is becoming the most potential in the development of access control policy model,. As the standard model of RBAC focuses on the description for the roles and the relationships between roles, little completely description about the Permissions receptor--resources. A lot of RBAC extension models, some in practical systems, are put forward because of the applied limitation of the standard model of RBAC. From the existing Research findings, these extension RBAC models are mainly aimed at the role definition and authorized relationship as well as the access authorization methods and limits. This paper put forward an improved RBAC model —Resources-RBAC model. In R-RBAC model, the object in the two-tuple (operation, object ), which is permission express, is treated as a kind of resource. And the resource is defined as a grate functional component, which is made up of functional components. In addition, the data in functional components are extracted as an independent part to deal with. Namely, the function component is decomposed to the interface function component and the data. Therefore, the role in R-RBAC model can only be awarded the operation authority of the interface function component, while the data is encapsulated into data objects data groups according to the direct