摘要
基于角色的访问控制模型RBAC通过引入角色实现了用户和访问控制权限的逻辑分离,简化了系统授权过程,提高了权限管理模块的可重用性,是当前信息系统权限管理的主流策略。基于RBAC设计实现了一个B/S系统下通用的权限管理模块,通过客户端脚本控制页面访问操作,支持部分页呈现。
Role-Based Access Control (RBAC) model is current mainstream policy for information system's power management. In the model, users do not associate permissions directly any more, but are authorized by user role assignment. This mechanism simplifies autho- rization process and improves module's reusable. In the paper, a general web page access control implementation based on RABC is presented. It controls page accessing and operation via client java script function and supports partial-page rendering.
出处
《软件导刊》
2009年第7期28-30,共3页
Software Guide
基金
国家自然科学基金(10671211)
湖南省自然科学基金(07JJ3005)
