摘要
针对RBAC(role_based access control)模型不能直接应用到SSO(single sign_on)系统中的问题,分析了RBAC模型的权限获取方式,指出不能直接应用的原因。引入XML文档存储用户在系统中的权限,改进用户权限获取方式及流程,定义权限验证方法统一接口,降低RBAC模型同应用系统的耦合性,提出了改进的RBAC统一权限管理模型和实施方法,并在实际应用中得以实现和验证。
Aiming at the problem that RBAC(role_based access control) model can't be applied directly to SSO(single sign_on) system,the cause is found,by analyzing the acquirement method of user-permission.XML file is introduced to store permission of system users,the acquirement method and flow of user-permission is improved,the unified interface of privilege verify method is defined,the coupling between RBAC model and application system is reduced,a improved RBAC model and implementation method are put forward.The model and the method is put into practice and proven in the application.
出处
《计算机工程与设计》
CSCD
北大核心
2009年第9期2139-2141,2144,共4页
Computer Engineering and Design
基金
粤港重大突破招标基金项目(2006A25007002)
国家星火基金项目(2007EA780068)
关键词
基于角色的访问控制
扩展标识语言
通用性
低耦合
单点登陆
role_based access control(RBAC)
extensible markup language(XML)
universal
weak coupling
single sign_on(SSO)
