节点文献
基于任务和角色的工作流系统访问控制模型的研究
The Research of Access Control Model Based on Task and Role
【作者】 王立超;
【导师】 黄伟力;
【作者基本信息】 河北工程大学 , 计算机应用技术, 2010, 硕士
【摘要】 随着计算机网络的广泛使用,互联网领域的迅速发展,现代信息系统的分布性、异构性和自治性特征越来越受研究机构及产业界的关注。系统中信息资源不仅分布在异构的计算机环境中,而且信息源之间的连接也表现出松散的特点,在这种大规模分布式环境中工作流管理系统的安全问题体现的越来越突出。就目前的信息安全技术,本文选择访问控制技术作为网络安全防范和保护的核心技术,提出了一个基于扩展的任务和角色的工作流访问控制系统模型。首先,本文基于工作流管理系统的安全需求开展了相关的研究工作,介绍了工作流和访问控制技术的概念,将访问控制技术在工作流系统中的应用进行了研究,分析了其中存在的问题。然后,针对存在的问题给出了基于扩展的任务和角色的访问控制的实现框架,并详细介绍了框架中的各功能模块的实现方法。给出了访问控制在工作流系统中的主要时序。最后,本文从ETRBAC在系统中的应用入手,用面向对象的方法来设计实现该系统,使系统各个层次相对独立,降低了系统耦合性。另外,为提高代码的复用性,增强系统的灵活性,在系统开发过程中采用了整合Struts、Hibernate和Spring的轻量级J2EE体系架构进行开发设计,使系统的分层更加清晰、程序健壮性进一步得到提高。
【Abstract】 With the wide use and rapid development of the Internet, the distribution, heterogeneity and autonomy of the modern information systems attracts more and more attention of research institutions and the industry. Not only are information resources distributed in a heterogeneous computer environment, but the connection between information resources also show the characteristics of loose, safety issues of workflow management system in the large-scale distributed environment become more and more prominent. According to the information security technology currently, this paper selects access control technology as the core technology to prevent and protect the network security and proposes an expanded task-role-based workflow access control system model.First, this paper focuses on the study of security in workflow management system, introduces the concept of workflow and access control technology, studies the application of the access control technology to workflow system and analyzes the existing problem.Then, the thesis advances an expanded task-role-based access control framework on the existing problem, describes the realization of all the function models in detail and gives the main sequence of the workflow system.Finally, this paper starts with the application of ETRBAC, uses object-oriented approach to design the system, makes each layer of the system independent and reduces the system coupling. In addition, in order to improve code reuse and enhance system flexibility, the design of the system adopts Struts, Hibernate and Spring’s integrated lightweight J2EE architecture which makes layer clearer and program healthy.