摘要
为解决传统的基于角色的访问控制(RBAC)在高校业务管理系统中的局限性,提出了一种改进的权限模型,引进了用户组的概念,该模型在角色与用户之间添加用户组,将角色直接授权给用户组,而不是用户,传统的为用户分配角色就转化为用户组分配角色,而在权限上将权限具体分为数据权限和操作权限两种,分别用独立的建模软件和Web浏览器设置,使之具有高效、灵活的特点,非常适合高校的业务管理系统,最后给出了新模型的设计与实现。
To solve the problem of the limitations of RBAC in the management information system of university, a new permission model is presented. In the model, the concept of user group is introduced and the permission is authorized to the user group directly. The traditional way of granting authorization to the user is replaced by granting to the user group. The permission is divided into data permission and operating permission which can each set by an independent modeling software and web, which is efficient, flexible and very suitable for the business management system for colleges and universities. Finally, the design and implementation of the new permission model is also given.
出处
《计算机工程与设计》
CSCD
北大核心
2010年第2期371-373,377,共4页
Computer Engineering and Design
基金
江苏省高校自然科学基金项目(06KJD520122)