摘要
访问控制策略是建设管理信息系统时必须考虑的问题,良好的访问控制模型不仅可以保证系统运行和数据使用安全,还可以减少用户授权管理的维护工作量。作者面向企业的组织结构和岗位设置,在基于角色的访问控制模型的基础上,设计了基于岗位的访问控制模型,并开发了铁路运输调度管理系统的用户访问控制子系统。该访问控制模型依据用户登录时的岗位分配其操作权限与数据权限,实际应用表明,该模型可以满足调度员在使用铁路运输调度管理系统时经常更换岗位的需求,并且便于日常维护。
Access control strategy is an indispensable problem to solve before building large management information systems. Good access control model can not only insure the safety of the system and business data, but also reduce the maintenance workload. To be adapted to organization structures and post layouts of an enterprise, post-base access control (PBAC) model is put forward based on the role-based access control model, and user access control sub-system is developed for railway transportation dispatch management system. The PBAC model authorizes user's operation privilege and content privilege according to user's post when he logged in. The application shows that the PBAC model is an effective method to meet the requirement that dispatchers often change their posts when using transportation dispatch management system, and the model is easier to maintain.
出处
《电子科学技术》
2014年第2期200-205,共6页
Electronic Science & Technology
