Implement Of Core RBAC Model

With the software system being more and more complicated and huge, the work division of the software design is more and more detail, and the functions of the modules is special too, as a result, the problem of the users administration become more and more complicated in the software system design. The Role-Based Access Control ( RBAC ) Model is a multi-level model for users administration based on the theory of user-role-permission, it is supported by the National Institute of Standards and Technology (NIST). In security controlling, RBAC model pays attention to role dealing. Role is separated from authority layer, bring whole model getting simple and easy in system design and flexibility in security controlling, this is the most outstanding characteristic of RBAC model; in the respect of the authority restraining, the model offers a clear description and semanteme; in the respect of measuring and conflict dispelling, the model offers a dynamic / static behavior mechanism. Using Object Oriented technology, the model achieves obvious independence . The policies and mechanisms of the users'accession control model are researched in this paper, using RBAC model as foundation, accession control is analyzed carefully. There is a great gap between the RBAC model and the security function realization of the access control system, it requires formalized description to make the function of model be clarity. A formalized description of the application model is given in this paper , the application model includes user role assigning, role permission assigning and access control. It acts as a bridge between RBAC0 and its application and do favor to the broadly using of RAC0 model. Roles are assigned to users in user role assigning ,including users managing. Permissions are assigned to roles in role permission assigning, including roles managing. User accessing object is controlled in access control, describe the course of access control, especially emphasize the audit. After analyzing the strongpoint and disadvantage of the application model, the viewpoint to improve the efficiency of access control is given. At last, the application model of the RBAC0 model is embodied detailed in a printing manage information system.