Abstract
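Using a large-scale official document circulation system as an example (the official document circulation system for Chinese government agencies), this paper studies user permissions and access control in real applications. We argue that, given how user permissions are composed in large applications, adopting only a role-based access control policy is not sufficient; other traditional access control mechanisms must also be used to build a complete access control system. However, there are currently few articles or studies on how to implement such integrated access control. After analyzing the composition of user permissions in large application systems through the example system, this paper focuses on the basic structure, control policy and management method of the system's integrated access control implementation, and discusses several key issues.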
Through an example system, the official document circulation system for government organizations of China, the issues of user permissions and access control tactics in large-scale applications are discussed. We think that, because of the complexity of permission requirements, using a role-based access control policy alone is not enough, and it is absolutely necessary to also adopt traditional access control mechanisms in practice. On how to achieve an integrated access control policy in large-scale systems, however, there have been few articles up to now. After the user permission analysis, we introduce the basic structure of the access system, the control policy, the management method, and also the weaknesses of our example system.
Source
《小型微型计算机系统》
CSCD
Peking University Core Journals
2004, Issue 2, pp. 195-198 (4 pages)
Journal of Chinese Computer Systems
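Funding
Supported by the Capital Informatization Key Engineering Project "Beijing Municipal Bureau of Technical Supervision Informatization Construction Special Fund" (1999)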
Keywords
access control
role
permission
application
official document