Ni Wancheng,Liu Lianchen,Liu Wei

DOI: https://doi.org/10.3321/j.issn:1002-8331.2006.21.037

2006-01-01

Abstract:Based on RBAC(Role-Based Access Control) theory,a role-page model based access control method for Web applications is given out to facilitate the Implementation of RBAC Model.Considering the characteristic of B/S application model,this method is to logically partition the business logic and the representation logic.Then the access control can be implemented by controlling the Web pages' availability to different roles.This method can be used to facilitate the construction of Web applications because it reduces the judge code of access control.And this method has already been validated in the CERS(China education Equipments and Resource Sharing) project.

黄益民,杨子江,平玲娣,潘雪增

DOI: https://doi.org/10.3785/j.issn.1008-973x.2004.04.005

2004-01-01

Abstract:The traditional role-based access control (RBAC) model was extended in this work aimed at studying practical ways to implement access control, enforce security administration, and acquire available information from real world to construct an access control model and establish security policies. A three-layered architecture for role-based security administration was proposed. And a practical way was presented to implement role-based access control and role-based security administration ,so that cross-platform role-based access control is implemented automatically and systematically in the security administration system.

BAO Zhigang,HU Yanjun,GU Xinjian

DOI: https://doi.org/10.3969/j.issn.1000-3428.2006.01.059

2006-01-01

Abstract:Firstly making reference to role based access control(RBAC)model,this paper proposes the basic idea about access control.Then it introduces database design of two realizing methods about access control and two methods’ realization in program,it also presents visual effect.Finally it analyzes and compares one to another in detail from two aspects of applicability and reusability.

Wei Wei,Zhang Qing,Liang Wenzheng

DOI: https://doi.org/10.3969/j.issn.1006-1576.2011.02.015

2011-01-01

Abstract:Through analyzing the compulsion access in HTTP request and information juggle and forgery,design data access control model and task purview model,and realize access filtering of task data and URL verifying request.The technology can solve the access control problem in B/S system and realize multi-dimension data logic in encrypt system.

LI Bo,HUANG Dong-jun

DOI: https://doi.org/10.3969/j.issn.1006-8937-B.2006.04.001

2006-01-01

Abstract:The paper analyzes and compares several primary ways to distribute privileges during the current design process of access system such as Discretionary Access Control(DAC), Mandatory Access Control (MAC) and Role-Based Access Control (RBAC), points out their respective characteristics and limitations of their applicability. By taking the new characteristics of modern enterprise management into consideration and combining with the existing access control model, the authors discuss the access control technology of the multi-users information system, present and realize the security control model based on role level, department level and user level in the application. Practical application makes clear that it enhances the security and maintainability of information system.

吴江栋,李伟华,安喜锋

DOI: https://doi.org/10.3969/j.issn.1000-3428.2008.20.019

2008-01-01

Abstract:A method of finely granular access control based on RBAC is brought forward after the discussion of the access control model based on role.This paper proposes the idea about finely granular access control,decomposes the access privilege of sources to less granularity,and the privilege is assigned to role,then access control can be managed easily by defining the user of the role and the inherit of roles.The validity of method is proved by the successful system of finely granular access control based on RBAC.Design and implementation process of the method have referenced value to similar software's development.

曾岫,彭宏,左国威

DOI: https://doi.org/10.3969/j.issn.1007-1423-b.2008.10.002

2008-01-01

Abstract:Proposes a new role-based access control model on the basis of analysing the tradi-tional RBAC model.The model can efficiently overcome the shortcoming of the traditional model.It can decrease the complexity of authorization management and expense of manage-ment,and provides a better e-Environment for managements to realize security strategies.

Peng Wu,Zhao Wang,Jiexi Wan

DOI: https://doi.org/10.1109/ITCS.2009.185

2009-01-01

Abstract:In the e-business website which has the characters of personalization ,we need the univers al access controlstrategy to control the behavior of the user. Itpsilas the key point to resolve the website access control that constructing the strategy which combine the role control and privilege management . Integration of RBAC and PMI has prominent advantages of centralized strategy management ,dynamic authorization and effective access control . It can construct agile access control system for security of e -business website .

Xiaohua Yang

DOI: https://doi.org/10.3969/j.issn.1008-0570.2006.03.030

2006-01-01

Abstract:By analyzing the technology limit existing in the RBAC model and taking the characters of Authority management in the teaching management system of college into consideration, this paper presents a new Authority Management Scheme based on user's functions and authority by group on the basis of the concept of fingerprint in Web pages. It can be used to reduce the working cost of authority management in the web application server greatly when this scheme is applied in the MIS based B/S mode.

高楚舒,陈松乔

DOI: https://doi.org/10.3969/j.issn.1001-3695.2003.08.039

2003-01-01

Abstract:In view of security based on Web DSS,this paper introduces the RoleBased Access Control (RBAC)Model.As a result of analyzing the properties of a bank's DSS and security requirements of the system,a RoleBased Access Control mechanism is described and a scheme,which is implemented on the Java platform,is proposed.

ZHAO Wei-gang,WANG Run-xiao,ZHANG Jin-rong,HUANG Wei

DOI: https://doi.org/10.3969/j.issn.1001-2265.2006.12.030

2006-01-01

Abstract:According to the requirement of enterprise sales management information system,the problems of management information system permission is analyzed and discussed,under the theory of role-based access control,an Access control model suit to WAN management information system based on user-role-page and menu is brought forward;and the access control process and realized method of the model is brought forward too.The access control model has been used in the WAN sales management information system,and it well completes the access control of the system.

Meisong CAI,Hongming CAI

DOI: https://doi.org/10.3969/j.issn.1671-8844.2006.04.025

2006-01-01

Abstract:The network security polices in terms of users personal,role and temporary attributes are introduced;and then the access and control mechanism for the three security polices are put forward.An adoption of server-pull and LDAP structure is discussed to perform access and control for the enterprise fundamental information platform based on RBAC.The system employs LDAP directory server as the role server and users can obtain required information in certain secure mode(e.g.SSL),so as to implement the relevant RBAC strategy to achieve the access control purpose.The structure's feature is simple and flexible.

ZHOU Shen-gang,ZHAO Song-zheng

DOI: https://doi.org/10.3969/j.issn.1001-3695.2005.06.073

2005-01-01

Abstract:The authority management in information systems is one of the necessary conditions to guarantee the data safety.Based on discussing the model of role-based access control and combining with the shared project of information system developing,a new RBAC-based authority control method in information system of B/S mode is presented so as to the problems in the method of access control based on user-function are solved.The new method has been applied in the course of the system developing, and the safe authority control is realized with good effect.

Junhao Geng,Sumei Zhang

DOI: https://doi.org/10.1109/cis.2009.260

2009-01-01

Abstract:To meet the requirements that full business model of complex information system needs simplified, precise and consistent access control method, analyzing meta-model of full business model, granularities of access control elements, Full Business Model Oriented Access Control (FBMOAC) model is proposed and built, and an algorithm of permission consistency control is presented based on the formal description. Through building access subject granularities, access object granularities, permission assignment control granularities and the dependency, contradiction, delegation, nesting relationships between granularities, FBMOAC supports simplifying the authorization process, controlling access objects precisely and implementing the consistency control of permissions.

HU Ying-song,CHEN Gang,ZHU A-ke,CHEN Zhong-xin

2006-01-01

Abstract:A new access control model based on roles and departments is proposed,which extends the traditional RBAC model. The new model abstracts the department from the property of roles,and becomes an important factor of permission control. Furthermore,this paper designs a three-layered architecture for this cross-platform security administration and one of the access control policies is described in detail.

吴振兴,熊璋,方义

DOI: https://doi.org/10.3969/j.issn.1006-2475.2004.12.042

2004-01-01

Abstract:The different levels of RBAC model implementation and their characters are discussed.An implementation of RBAC model on the application level is also presented.This implementation makes use of the security character provided by the operating system to authenticate user in a high security way and introduces application server as agency between database and workstation.Based on active directory and DCOM,this implementation controlls database access reliably according to RBAC model and achieves high security.

Junbiao Wang,Jianxin Zhang,Jianjun Jiang,Shichao Zhang

DOI: https://doi.org/10.3969/j.issn.1000-2758.2008.04.005

2008-01-01

Xibei Gongye Daxue Xuebao/Journal of Northwestern Polytechnical University

Abstract:Aim. Existing access control models are, in our opinion, not sufficiently effective. We now propose a novel access control model based on RBAC (Role-Based Access Control), which, we believe, is sufficiently effective. In the full paper, we explain our model in some detail. In this abstract, we just add some pertinent remarks to listing the two topics of explanation. The first topic is: the analysis of RBAC-based access control model. In the first topic, with the help of Fig.1 in the full paper, we explain in some detail how the FICS (Flexible Information Coding System) controls access. The second topic is: the implementation of our novel and effective RBAC-based access control model. Its three subtopics are: the concepts of traditional RBAC model that we utilize (subtopic 2.1), the restrictions we impose on accessing our novel and effective model (subtopic 2.2), and the access assignment strategy of FICS (subtopic 2.3). A large Chinese aircraft manufacturing enterprise has made use of our novel and effective RBAC-based access control model and has gradually widened and continues to widen the scope of its application. How the large enterprise utilizes our novel and effective model are briefly described in Fig.4 and Table 1 in the full paper.

Liu Enming,Xiong Zhang,Wu Jing

DOI: https://doi.org/10.3969/j.issn.1672-9722.2006.10.014

2006-01-01

Abstract:The privilege is formally defined as 4-tuple consists of operation type,information object type,operation scope and constrained condition,which is the basis to establish 4-TPBAC(4-Tuple Privilege Based Access Control).The 4-TPBAC model is made up of privilege code builder,privilege code analyst and privilege code base.The working principles of privilege code builder and privilege code analyst in the model are described.Then the strategies of privilege control at level of page,operation and fields in privilege code analyst are expatiated.

Xiaobing Liu,Zhaoyang Bai

2008-01-01

Abstract:Sensitive information is one of core competence concerning with the development of the enterprise business. Tremendous pressure on today's enterprises to achieve and sustain competitive advantage has led to heightened efforts to protect sensitive information. Many enterprises have recognized that the key to sensitive information management improvement lies in the better access control model. In this paper, we present a boundary-based access control model incorporating an advanced security mechanism, in order to support fine-grained authorizations in the right time for the provision of services, based on the analysis of system boundary. In this model, access permissions are controlled by the state transitions at different layers including workflow layers, control layers and data layers. The access control mechanism is based on an RBAC model, which incorporates dynamic context information. Context is classified based on the analysis of system boundary into six main categories, which is further categorized as simple condition and composite condition, thus forming a multi-level context. In a multi-level hierarchy of context conditions, the access control model is implemented dynamically, by checking the context constraint associated with each access task at the time of the specific request submission, whose functionality and the constituent parts have been described formally and in detail.

HU He-ping,XU Wei

DOI: https://doi.org/10.3969/j.issn.1007-130x.2007.06.033

2007-01-01

Abstract:By means of roles, the access control model of role-based access control links an user with his permissions, which greatly reduces the complexity and cost of authorization management.This paper presents a RBAC framework which can be used for the domain of J2EE. The framework which uses the design patterns of software and the method of aspect-oriented programming shows strong expansibility and maintainability.