基于动态角色服务权限控制的物联网平台设计

针对现有基于身份的访问控制系统无法满足用户定制的各种软件组合服务的需求,提出了一种基于动态角色服务权限控制的物联网平台;首先,在物联网平台设计中,通过了解设备的整个生产周期,整合物联网平台的功能模块;然后以动态角色为中心,展开逻辑设计;之后根据RBAC(基于角色访问控制)模型组织用户的权限和组,划分访问Web服务的用户的角色;最后在基于角色的操作级别上对Web服务部分功能提供更细粒度的访问控制;实验表明:基于动态角色服务权限控制后,角色权限细粒度可精确到操作级别,并可实现动态化定义,优于传统的访问控制系统;该方法实现了简单、灵活地对角色权限进行管理,在实际工程应用中具有重要的指导意义。

Design of IoT Platform Based on Dynamic Role Service Authority Control

Aiming at the existing identity-based access control system cannot meet the needs of user-customized software combination services, so an internet of things (IoT) platform based on dynamic role service authority control is proposed. Firstly, in the design of the IoT platform, integrate the functional modules of the IoT platform by understanding the entire production cycle of the device; Then the platform center on dynamic roles and expands its logical design; After that, according to the role-based access control (RBAC) model, it organizes user permissions and groups, and divides the roles of users who access the Web service; Finally, it provides more fine-grained access control to some functions of web services at the role-based operation level. Experiments have shown that after the dynamic role service permission control, roles can be dynamically defined, and the fine-grained range of authority access can be accurate to the operation level, which is optimized to the traditional access control system. This method realizes the simple and flexible management of role permissions, and it has important guiding significance in practical engineering applications.