【作者】 蔡世伟；

【导师】 杨正球；

【作者基本信息】 北京邮电大学 ， 计算机科学与技术， 2008， 硕士

【摘要】 目前,越来越多的企业都通过Internet建立起基于Web的企业信息管理系统,从而理顺工作流程,加强与客户的联系,提高运营效率,增强企业的竞争力;与此同时,企业也对信息管理系统的安全性提出了很高的要求。本文以这类问题作为研究重点,具体实现了一个适合企业权限管理的系统。在本文中,作者首先分析了基于Web的企业信息管理系统存在的安全管理方面的困难,比如:1企业结构复杂,人员众多,岗位升降、任务变动、流动性大等特点,使得权限管理工作繁琐混乱;2由于互联网上存在各种不安全因素,用户也复杂多样,使得系统面临着来自内、外两方面的安全威胁,在考虑应用级系统安全性时,还需特别处理通过直接输入网页地址来访问系统中资源的情况。作者通过在系统中引入权限管理子系统这一模块,对用户的授权与认证过程进行统一协调管理,很好地解决了以上问题。经过分析比较目前已有的访问控制方法,比如:自主访问控制(DAC)、强制访问控制(MAC)等,最终借鉴更适合企业信息系统的访问控制方法一基于角色的访问控制(RBAC),结合中国普天的实际需求,提出了企业访问控制模型,以此作为普天权限管理系统实现的基础,从而使得权限维护管理具备了方便、灵活的特点。另外,作者在系统实现时,采用了当前流行的Web开发技术:Struts+Hibernate,使表示逻辑层和业务逻辑层相分离,系统更趋模块化,更容易维护,提高了系统移植性和扩展性。在文章的第五章中,通过UML类图,数据库图,各实现原理图,以及核心代码展示,详细描述了权限管理系统的实现过程。实践证明,该权限管理子系统在《普天项目信息管理系统》中取得了满意的效果。更多还原

【Abstract】 At present, more and more enterprises are founding up their own enterprise_ information management system based on Web, through Internet, in order to streamline workflow processes, strengthen customer relationships, improve operational efficiency and enhance the core-competitiveness of enterprises; At the same time, enterprises desires for the very high safety of information management system. This article focuses on these issues, and concretely describes the realization of a system for enterprise rights management.In this paper, author firstly analyzes existing security-problems of the right-management of the current enterprise information management systems: One Because of enterprise complex structures, many staff, status movements, job changes, and the frequent variability, the work of the rights management is tedious and chaos. Two because there exist all sorts of factors leading to the insecurity on the Internet and the complex diversity of users, enterprise information management system is made facing threats to the security from both internal and external. For the application-level security, the designer must specially deal with the inappropriately accessing the system resources by the way of directly inputting the Web site address in Address Bar. By the way of the introduction of this right management subsystem module into the system, the author coordinates the management of user authentication and authorization process, which is a good solution to the above problems. After analysis and comparison of existing access control methods, considering the project needs of China Potevio, the author refer to RBAC model and design Enterprise_RBAC model, which is used as the foundation of Potevio rights management subsystem and makes maintenance and management of the right convenient and flexible. In addition, author uses popular Web technology: Struts and Hibernate, which makes system more modular and easier to maintain and improves the portability and scalability.In the fifth chapter of the article, by UML class diagram, database map, the function realization schematics, as well as main code, the author described in detail the entire process of finishing the right management system. Practice has proved that the right-subsystem has attained very satisfactory effects in Potevio Project Information management System.更多还原