Manage users and access rights are a complex and challengeable job in enterprise portal. Importing the role concept may simplify the access control, but its implementation is usually constrained by the single system and application. A new model,TRBAC(token role-based access control), was proposed for RBAC(role-based access control)on enterprise portal, which integrated the SSO(single sign on) technology and combined the RBAC model with token access mechanism. The role could span all web systems in portal. It was a token-based and dynamic-activated access control model, which could dynamically adjust the access rights according to user access requirement. It solved the problems on user management and access control management, and supported the corporate security standards, central auditing and control. The practice indicates that TRBAC improves the system efficiency and ensures the security.
��ҿ�,������.��ҵ��Ϣ�Ż�EIP[M].����:��е��ҵ������,2004 Xu Jiajun,Jia Wenyu.Enterprise information portal[M].Beijing:China Machine Press,2004(in Chinese)
Ferraiolo David,Kuhn Richard.Role-based access controls Proceedings of the 15th NIST-NCSC National Computer Security Conference. Baltimore:NIST-NCSC,1992:554-563
Ferraiolo David,Barkley John,Kuhn Richard.A role-based access control model and reference implementation within a corporate intranet[J].ACM Transaction on Information and System Security.1999,2(1):34-64