摘要
访问控制是管理信息系统设计中的重要环节,是系统安全运行的有力保障。本文通过对三种访问控制模型的分析和比较,指出在自主访问控制(DAC)、强制访问控制(MAC)和基于角色的访问控制(RBAC)这三种模型中,RBAC是最适合网络化的多用户管理信息系统的应用。提出了RBAC的实现方案,有效实现了前后台安全控制的统一,全面增强了基于网络的多用户管理系统的安全、管理性能。
Access control is an important part of the management information system design, a powerful guarantee for the safe operation. We first analyzed three access control models and compared them, pointing out that in DAC, MAC and RBAC, RBAC is the most suitable access control for multi-user network management information system. An implement scheme of role-based access control model is proposed, which realized effectively the unification of security control, and enhanced entirely the safety management performance on multi-user network management system,
出处
《北京生物医学工程》
2007年第2期132-135,共4页
Beijing Biomedical Engineering
关键词
RBAC
多用户管理信息系统
角色
权限
网络
安全控制
RBAC
multi-user management information system
role
authorization
network
security control