The Research and Implement of Role-Based Access Control Model in OA Based on B/S Structure

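【Author】 Dai Yingying (戴莹莹)

【Advisor】 Tan Ran (谈冉)

【Author information】 Wuhan University of Technology, Computer Application Technology, 2006, Master's degree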

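【Abstract, translated from the Chinese】 With the rapid development of information technology and the acceleration of China's informatization, both governments and enterprises need office automation in order to improve working efficiency and speed up the transmission of information. Office automation (OA) is a new way of working that combines modern office work with computer network functions. Through computer networks and OA systems, staff within an enterprise can work cooperatively across the limits of time and space, making information transfer faster and more convenient.

Because the Internet is standardized, open and distributed, among many other advantages, developers of office systems have moved from the traditional C/S architecture to the B/S structure, a high-performance three-tier Browser/Web Server/DB Server architecture. In B/S mode the client only needs an operating system and a browser, while the complex work of developing and maintaining all application software can be concentrated on the server, which greatly improves the efficiency of system development and maintenance.

As enterprise office information systems come into wide use, system security is receiving more and more attention, and access control technology is the key to solving security problems. At present most enterprises in China use traditional access control technologies, discretionary access control (DAC) and mandatory access control (MAC), both of which have certain drawbacks and limitations. This thesis presents a theoretical study and a practical exploration of role-based access control (RBAC) in enterprise information systems.

The thesis studies the RBAC conceptual model theoretically, compares it with traditional access control, and argues for the advantages and role of RBAC in enterprise office information systems. Starting from enterprise security requirements, it discusses the general RBAC model, the extended model, and the deployment scheme of RBAC on the Web. Based on the RBAC/Web model, and on an analysis of the security requirements and organizational characteristics of enterprise office information systems, the author draws up an implementation scheme for RBAC in enterprise office information systems, designs the role division, permission assignment and RBAC administration, and discusses the features and advantages of the scheme. Finally, taking the Huangshi Highway Office Information System (《黄石市公路办公信息系统》) as an example, the author describes in detail how the role-based access control scheme was implemented in that system and demonstrates the feasibility of the design in enterprise office information systems.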

【Abstract】 Along with the rapid development of information technology and the accelerating pace of our country's informatization, both governments and business enterprises need to realize office automation in order to improve work efficiency and speed up information transmission. OA (Office Automation) is a new way of working that combines modern office functions with the network. Employees can overcome the limits of time and space and work cooperatively.

Because of the standard, open and distributed characteristics of the Internet, the development pattern of office information systems has changed from the C/S (Client/Server) structure to the 3-tier B/S structure (Browser/Web Server/DB Server). In B/S mode, clients only need an operating system and a browser, and the server can carry out all development and maintenance of the applications.

With the wide use and development of Enterprise Office Information Systems, people are gradually attaching more importance to system security. Access control technology is the key factor in solving security problems. At present most Enterprise Information Systems adopt traditional methods, including Discretionary Access Control (DAC) and Mandatory Access Control (MAC), which have some deficiencies. This paper studies Role-Based Access Control (RBAC) in Enterprise Information Systems both theoretically and practically.

The author analyzes the RBAC concept model, compares it with traditional access control schemes, and demonstrates the advantages and uses of implementing RBAC in Enterprise Information Systems. The paper then discusses the common RBAC model, the extended RBAC model and RBAC on the Web. According to the RBAC/Web model, it designs a scheme for implementing RBAC, which includes dividing roles, assigning permissions and RBAC administration, and summarizes the characteristics and advantages of RBAC in Enterprise Information Systems.

Finally, taking the "Office Information System for Road Managing Ministry in Huangshi City" as an example, it describes specifically the course of analyzing, designing and implementing the RBAC scheme in an Enterprise Information System, and demonstrates that the scheme is feasible in Enterprise Information Systems.

【Key words】 Office Automation System; Access Control; Role; Security
  • 【Classification number】 TP393.08
  • 【Times cited】 24
  • 【Downloads】 367