【作者】 宗腾腾；

【导师】 罗四维；

【作者基本信息】 北京交通大学 ， 计算机软件与理论， 2008， 硕士

【摘要】 随着计算机技术、通信技术和网络技术的飞速发展,大多数企业都希望通过自身的信息化建设来提高企业竞争力、降低经营成本、提高企业决策的效率。然而网络应用的安全性问题成为制约其发展的主要因素,在管理大量的网络系统时,安全管理的复杂性是个很具挑战性的问题。当前最为流行的访问控制技术作为网络安全防范和保护的主要策略,已经渗透到操作系统、数据库、网络的各个方面。而基于角色的访问控制(RBAC)模型作为主流的访问控制模型,与传统的自主访问控制和强制访问控制相比,具有更高的灵活性和扩展性。本文针对长治市网通集团管理信息系统的设计与实现,首先比较分析访问控制三种主流技术:自主访问控制、强制访问控制、基于角色的访问控制,着重研究了RBAC模型。并根据MIS的业务需求引入了分组、岗位的感念,扩充了基于角色访问控制模型,称之为GSRBAC╱Web模型(Group and Station Role-Based ControlModel)。为了加强业务上的管理引入了分组和岗位的概念,简化授权的复杂性。在GSRBAC/Web模型的基础上,设计其各项功能组件,并采用新模型对Acegi安全系统进行扩展,使其成为GSRBAC/Web模型的具体实现。同时为了加强系统的协同工作理念,采用OSWorkflow工作流引擎对系统中的需要数据流转的功能进行设计和实现。分别从系统建模、访问控制方案的设计、OSWorkflow工作流技术、功能模块设计和实现等方面详细介绍了长治市网通集团管理信息系统开发的过程。更多还原

【Abstract】 With the development of the computer, communication and network, most of the Enterprises want to enhance competitiveness, reduce operating costs and improve the efficiency of decision-making by Information Construction. But the security of network application has become one of main factors that restrict its development; Security management is very challenging for its complexity in the administration of many network systems. Access control, as an important security technology, has been applied in the operation system, the database management systems, security management and network operating system etc. Role-Based Access Control (RBAC) Model is nowadays the best and most popular access control model. Compared with traditional discretionary and mandatory access control, it can provide better flexibility and expandability.The paper aims at the design and implementation of Changzhi Netcom MIS, First, the paper compares and analyzes the advantages and disadvantages of the three main technologies of access control: DAC, MAC, RBAC. Then the paper specializes in the role-based access control model, and introduces the concepts of group and station according to business needs of Changzhi Netcom MIS. The enlarged role-based access control is called GSRBAC/Web Model (Group and Station Role-Based Control / Web Model). To enhance Business Management and simplify the complexity of Authorization, We introduce the concept of group and station. Design every functional component and make use of the model to expand Acegi Security System on the basis of GSRBAC/Web Model. Second, use the OSWorkflow workflow engine in the MIS, in order to strength its teamwork concept. Describe development process of Changzhi Netcom MIS in detail from system modeling, access control, OSWorkflow workflow technology and the functional module.更多还原