基于MIS系统访问控制模型的研究

给出基于 MIS用户权限管理的解决方案 ,提出设计 RBAC(ROL E- BASED ACCESS CONTROL MODEL)的三个基本原则 .给出了在小规模 MIS系统中采用平面 RBAC;在大型应用 MIS系统采用层次 RBAC.并且又对层次RBAC进行了深入的探讨 .对传统的角色树完全继承方案、管理员集中授权方案进行改进 ,提出部分向上继承权限方案和实行管理员宏观整体控制授权树的深度和广度 ,拥有授权的用户进行局部控制 .增强多级授权的灵活性 ,减少了管理员授权负担 .在撤消方式上 ,探讨了几种撤消权利的方式 ,并对上述讨论给出了用关系数据库实现的表结构

Research of Access Control Model in the Management Information System

This paper proposal a project to solve the user permissions management in the management information system .Expressing three principles about designing RBAC. To small information management system ,We use flat RBAC (role based access control);To Large system ,We use hierarchies RBAC,Moreover ,We further explore the hierarchical RBAC ,According to the real life situation ,We improve the traditional role tree ,expound a partial upward inherit project to the traditional role tree. Improving the traditional concentration delegation model, Making administrator control the deep and broad of the all round permission tree, While users who possess the delegation permission control the deep and broad of the sub tree that he is the root node .Enhancing the flexible of the multi step delegation ,Reducing the burden of the administrator .We also discuss some ways about the revoking .Furthermore, giving the concrete table structures in the relational database.