基于shiro的权限管理系统设计稿和实现毕业设计稿.docVIP

摘 要 随着经济社会的发展和信息科学技术的不断进步，信息的处理量越来越大，也越来越繁杂，于是计算机技术被广泛的应用到社会的各个领域之中。但随着最近一些比较严重的信息系统泄密事件的发生，使用者意识到了信息系统安全的重要性，如何保护信息的安全成为使用者最关心的问题。这里我们从系统设计实现的角度进行处理，在用户对系统数据进行访问前，先通过基于RBAC的权限管理系统的验证，确定用户拥有的角色，根据用户角色的权限再向用户展示数据信息，从而实现保护系统信息的目的。 该系统依托现在流行的JSP语言，通过MySQL数据库的数据处理，开发出通用权限管理系统来对用户身份权限信息进行验证。这套系统具有权限分配简单、扩展性好的优点，并且支持岗位、权限多变的各种需求。作为信息系统的附属系统，该系统很好的实现了用户与页面功能数据的整合和分离，还增添了信息管理等附带功能。实践证明，基于RBAC的权限管理系统是最方便和快捷的安全管理控制方法。 关键词：网络信息安全；RBAC；权限管理系统；角色  ABSTRACT As the development of the social economy and the technology and science, the information needed to treat is bigger and bigger, and become increasingly complex, so computer technology is widely applied to every field of society. But along with some serious information system leaks events happened one after another, people have realized the importance of network security, thus how to protect information security data from violation has become that users care most about. Here, a detailed analysis of the design from the viewpoint of the systems realization is given, users first must log in to access the privilege management system, for each user group one or more users are selected and their roles and authority s are identified, and then they can view the client list and details about each client, so as to achieve the goal of protection system information. The authority management system is based on fashionable JSP language and MySQL database technology to authenticate user identity authorization information. Authority administrative system that adopts this method has stronger commonness and practicability, which can meet demand of authority management in general application system. As the subsidiary system of information system, the system is good enough to achieve the integration and separation between the user and the function. Practices show that an authority management system based on RBAC is the most convenient and efficient safety management control. Key words： Network information security；Role-Based Access Control；