摘要
权限管理和访问控制是管理信息系统的重要组成部分,它关系到整个系统的安全性和资源访问级别。从系统分析与设计的角度,对基于RBAC模型的权限管理系统进行了研究与实践。该系统采用MVC模型,以Struts、Spring和Hibernate框架为基础,采用"角色"作为桥梁,实现用户与权限的分离。该系统具有权限分配直观、扩展性强、操作便捷等优点,支持多角色、权限多变的需求,可以较容易地集成到管理信息系统中,实现权限管理职能。
Permission management and access control, two important parts of the management information system, are related to the safety of the whole system and resource access level. Combining with many years software development expert ence,the author made research and practice ahout the permission management system based on RBAC model from the per spective of system analysis and design. Using Struts, Spring and Hibernate framework as the basis,this system adopts MVC model and uses "role" as a bridge, realizing the separation of user and permission. With many advantages, such as authority distribution intuitively, high extensibility and convenient operation, the system supports multiple roles and changing permissions needs. It can be easily integrated into the management information system to perform system permission management function. In the development process of software permission management module,it has a certain practical guiding value.
出处
《软件导刊》
2016年第3期120-123,共4页
Software Guide
