摘要
从MIS系统用户权限管理的需求出发,描述了RBAC思想,以一个公司实际项目为背景,详细阐述MIS系统中权限管理的实现过程。着重介绍权限管理的框架和数据库的设计和如何动态生成菜单的问题,并提出设计时应注意的安全问题以及解决方法。实践表明该方法较好地提高了信息系统的安全性和可维护性。
On the basis of the requirement of the user permission management, briefly introduces the thinking of the RABC, introduces the realization process of permission management by a actual company project in details, mainly discusses the authority management framework and database design and the problems of how to generated menu dynamically, puts forward security problems which should be paid to and solutions. Practices show that this method can enhances the security and maintainability of management information system.
出处
《现代计算机》
2008年第5期29-32,共4页
Modern Computer
基金
上海市教委基金资助重点项目(No.06ZZ42)
上海市教委基金资助项目(No.05FZ22)
