System Users Access Control Based on Improved RBAC Model

doi:10.3969/j.issn.10062475.2014.09.011

Abstract

Abstract: On the basis of studying the existing RBAC models in the literatures published, this paper put forward an improved model (MRRBAC model), and gave its formal definition, and designed and implemented it. The MRRBAC model could realize finegrained access control permission on the operations and objects, set the different roles of different functional operation via automatic configuration interface. Practice indicates that MRRBAC model improves the security of the system and the flexibility of configuration.

Key words: RBAC, control strategy, personalized operation, finegrained access control, information system

CLC Number:

中图分类号： TP311

SONG Wanli1,2, WU Weifeng1. System Users Access Control Based on Improved RBAC Model[J]. Computer and Modernization, 2014, 0(9): 49-54.

References

［1］
Ferraiolo D F, Kuhn R． Rolebased access controls［C］// Proceedings of the 15th National Computer Security Conference. 1992:554563．
［2］ Sandhu R, Coyne E J． Role based access control models［J］． IEEE Computer, 1996,29(2):3847．
［3］ Ferraiolo D F, Sandhu R, Gavrila S, et al． Proposed NIST standard for rolebased access control［J］. ACM Transactions on Information and System Security, 2001,4(3):224274．
［4］赵静，杨蕊，姜滦生．基于数据对象的RBAC权限访问控制模型［J］．计算机工程与设计， 2010，31(15)：33533355． 
［5］范收平，高艳．基于三员分离及数据限定的RBAC权限管理模型［J］．计算机应用, 2011，31(S2)：112115．
［6］严骏，苏正炼，凌海风，等． MIS中基于部门和角色的细粒度访问控制模型［J］．计算机应用， 2011，31(2)：523526． 
［7］宋利康，庄海军，周儒荣．权限管理中间件的研究与实现［J］．南京航空航天大学学报, 2007，39(4)：481485．
［8］李唯冠，赵逢禹．带属性策略的RBAC权限访问控制模型［J］．小型微型计算机系统， 2013，34(2)：328331．
［9］董永峰，陆军，刘建波，等．改进的RBAC模型在信息服务平台上的应用［J］．计算机应用与软件， 2012，29(5)：99103．
［10］王永，王敏，李敏．管理信息系统中用户个性化界面配置研究［J］．科技管理研究， 2012(17)：220224．
［11］ 朱昌平，沈媛，周浩．高校教学科研一体化团队管理系统的开发［J］．实验室研究与探索, 2012，31(7)：193197． 
［12］薛朝改，曹海旺．企业信息系统自组织的系统模型研究［J］．中国管理科学， 2012(20)：772775．
［13］陈武，钱青，赵熊，等．清华大学智能座位管理系统的设计与实现［J］．现代图书情报技术， 2013（10）：9095．
［14］徐娟，李锋，宁延平，等．一种B/S结构的柔性编码系统的设计与实现［J］．山东农业大学学报（自然科学版）， 2013，44(3)：438442．
［15］胡俊，张熠，黄传河．基于云平台的政务信息系统的访问控制设计［J］．华中科技大学学报（自然科学版）， 2013，41（S2）：147151．
［16］魏颖．基于Maven的J2EE后台管理系统代码生成器［J］．计算机与现代化， 2014（2）：4650．

[1]	LU Sai, ZHUANG Yi. Information System Risk Assessment Model Based on Self-Adaptive Expert Weight [J]. Computer and Modernization, 2021, 0(08): 85-93.
[2]	WANG Xiao-yu, SUN Ka. Visualization of 3D Virtual Campus Based on osgEarth [J]. Computer and Modernization, 2020, 0(11): 89-93.
[3]	SUN Guang-cheng, LI Hong-zhe, LI Sai-fei, ZHANG Xiao-wei. Internet of Things Access Control System Based on Blockchain [J]. Computer and Modernization, 2020, 0(11): 100-108.
[4]	DAI Yong-qiang， WANG Lian-guo. Evaluation of Surface Soil Heavy Metal Pollution in City [J]. Computer and Modernization, 2019, 0(08): 105-.
[5]	DU Wen-hao, HU Wei-ping, ZHANG You-xian, YU Jian-tao. Self-balancing Follow-up Robot Target Recognition and Loss Re-selection Strategy [J]. Computer and Modernization, 2019, 0(05): 108-.
[6]	YUAN Jie， ZHANG Min-lei. Research on Fault Recovery Mechanism of Power Information System Based on SDN [J]. Computer and Modernization, 2018, 0(11): 7-.
[7]	XU Rui1,2, YOU Jia1,2, LIU Kun1,2, MA Feng1,2, DUAN Ke2, ZHONG Yan-tao3. Identification System for Enterprise Users Based on [J]. Computer and Modernization, 2018, 0(03): 102-.
[8]	JIANG Hua， XU Guo-cun， YANG Jing. Design and Implementation of Housing Levy and Compensation #br# Information System on State-owned Land [J]. Computer and Modernization, 2017, 0(5): 109-112.
[9]	MA Jia-yan, WANG Ping, SHEN Hong-wei. Design of Competitive Data Distribution System Based on Middleware [J]. Computer and Modernization, 2017, 0(12): 94-97.
[10]	GUO Long-hua1, XIA Zheng-min1, ZHENG Sheng-jun2, WANG Hong-kai3, MA Zhi-cheng4. RBAC-based Security Access Scheme for Demand Response [J]. Computer and Modernization, 2016, 0(3): 100-104+110.
[11]	YU Yue-yang, MIAO Hong, GE Shi-lun, WANG Nian-xin. Optimization of Enterprise Information System Menu Using Association [J]. Computer and Modernization, 2016, 0(11): 99-103.
[12]	QU Zhong, JIANG Shao-hua, ZHOU Biao. Female Village Officers Information Support Network System [J]. Computer and Modernization, 2016, 0(1): 12-15.
[13]	REN Jia-jia, WANG Nian-xin, GE Shi-lun. Statistical Properties and Dynamics Analyzing of #br# Enterprise Information Systems Users’ Access Behavior [J]. Computer and Modernization, 2015, 0(9): 6-12.
[14]	REN Jia-jia, WANG Nian-xin, GE Shi-lun. Analyzing Information Systems Users’ Access Behavior by Human Dynamics [J]. Computer and Modernization, 2015, 0(10): 10-15.
[15]	WANG Yuan1, YANG Yue-xiang2, DENG Wen-ping2. A Ciphertext Access Control Scheme for Enterprise Synchronous Network Disk [J]. Computer and Modernization, 2014, 0(3): 154-157,160.