Research and Implementation of Role Based Access Control System
-
摘要: 首先介绍了基于角色的访问控制理论,讨论了其主要特征和优势,然后给出了一个以该理论为基础的访问控制系统的设计框架及实现技术.该系统可以为FTP、WWW 、TELNET提供访问控制服务.系统的总体结构分为:访问控制服务器、访问控制请求过滤器、角色及授权管理服务器,它们各司其职,协同服务,共同构成完整的访问控制系统.Abstract: First, a theory of access control—role based access control was analyzed, and the characters and advantages of RBAC were discussed. Then, the infrastructure and implementary techniques of our own access control system based on this theory were given. This system can provide access control service for FTP、WWW、TELNET. Its framework is presented with some core components: access filter server(AFS), access control server (ACS) and role & authorization management server (RAS).These three servers have distinct functions, while communicating and cooperating with each other as an integrated system.Finally, an instance using this system was given.
-
Key words:
- electric networks /
- safety /
- control /
- access control /
- role hierarchy
-
[1] Barkley J F. Comparing simple role based access control models and access control lists . http://hissa.ncsl.nist.gov/rbac/,1997. [2] 刘怀宇.基于角色的细粒度的访问控制系统的研究与实现 .北京:北京航空航天大学计算机科学与工程系,1999. [3] Barkley J F, Cincotta A V. Role based access control for the world wide web . http://hissa.ncsl.nist.gov/rbac/,1998.
点击查看大图
计量
- 文章访问数: 3080
- HTML全文浏览量: 128
- PDF下载量: 1362
- 被引次数: 0