[1]余杨奎.基于角色的访问控制模型(RBAC)研究[J].计算机技术与发展,2019,29(01):198-201.[doi:10. 3969 / j. issn. 1673-629X. 2019. 01. 041]
 YU Yang-kui.Research on Implementing RBAC Model Based on ASP. NET[J].,2019,29(01):198-201.[doi:10. 3969 / j. issn. 1673-629X. 2019. 01. 041]
点击复制

基于角色的访问控制模型(RBAC)研究()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
29
期数:
2019年01期
页码:
198-201
栏目:
应用开发研究
出版日期:
2019-01-10

文章信息/Info

Title:
Research on Implementing RBAC Model Based on ASP. NET
文章编号:
1673-629X(2019)01-0198-04
作者:
余杨奎
湛江开放大学,广东 湛江,524003
Author(s):
YU Yang-kui
The Open University of Zhanjiang,Zhanjiang 524003,China
关键词:
基于角色的访问控制 角色-权限 用户-权限 安全 多对多关系
Keywords:
role-based access controlrole-authorityuser-authoritysecuritymultiple to multiple relationships
分类号:
TP31
DOI:
10. 3969 / j. issn. 1673-629X. 2019. 01. 041
摘要:
权限配置问题是Web开发技术重点探讨的问题,访问控制是为了保护Web系统中存储和处理信息安全的重要手段,访问控制提出了权限配置的关键解决方案.ASP.NET开发技术由三层架构实现,具有较大的灵活性和可扩展性.由ASP.NET开发技术实现基于角色的访问控制模型的解决方案,减化管理员对权限管理的开销,提高Web管理员在权限配置的工作效率.在SQL Server数据库中设计角色表bs user type、权限名称表sys menu和角色-权限多对多关系表bs dept menu,使用TreeView控件将权限名称遍历,通过ASP.NET三层架构实现基于角色的权限分配.在实践中,检验了角色与权限多对多关系的可行性、灵活性和可扩展性.角色-权限之间的变化比用户-权限配置简单得多,减少了管理员管理的复杂性,提高了工作效率;能够灵活地支持Web应用系统的安全访问策略;在操作上,管理员分配权限采用树目录操作直观,简单易用.
Abstract:
The permission configuration is a key problem in Web development technology. Access control is an important way to protectand store information security in Web system. Access control provides a key solution for permission configuration. The implementationof the three layer architecture of ASP. NET development technology has great flexibility and extensibility. The solution of role-based ac-cess control model is implemented by ASP. NET development technology,which reduces the overhead of administrators’ rights manage-ment and improves the efficiency of Web administrators’ rights allocation. In the SQL Server database,we design the role table bs usertype,the permission name table sys menu and the role permissions many to many relational table bs dept menu. We use the TreeViewcontrol to traverse the permission name and implement the role based permission allocation through the ASP. NET three level architec-ture. In practice,the feasibility,flexibility and extensibility of roles and privileges to multiple relationships are tested. Change of role permission ratio between the user privilege configuration is much simpler,which reduces the complexity of the administrator management,improves work efficiency. Access security support Web application system is flexible. In the operation,the administrator assign permis-sions using tree directory operation is intuitive,easy to use.

相似文献/References:

[1]路川 胡欣杰 纪锋.基于角色访问控制的协同办公系统设计与实现[J].计算机技术与发展,2010,(03):230.
 LU Chuan,HU Xin-jie,JI Feng.Design and Implementation for Cooperation Office System Based on Role- Based Access Control[J].,2010,(01):230.
[2]唐玉芳 张永胜.基于.NET的学生信息管理系统的设计与实现[J].计算机技术与发展,2010,(04):242.
 TANG Yu-fang,ZHANG Yong-sheng.Design and Implementation of College Student Information Management System Based on . NET[J].,2010,(01):242.
[3]刘宏波 罗锐 王永斌.一种采用RBAC模型的权限体系设计[J].计算机技术与发展,2009,(09):154.
 LIU Hong-bo,LUO Rui,WANG Yong-bin.Competence System Based on RBAC Design and Implementation[J].,2009,(01):154.
[4]尹涛 李翔 林祥 魏诚.基于AOP的角色访问控制模型设计与实现[J].计算机技术与发展,2008,(10):136.
 YIN Tao,LI Xiang,LIN Xiang,et al.Design and Implementation of Role Access Control Model Based on AOP[J].,2008,(01):136.
[5]杨宗凯 李琴 肖宇 许炜.T-RBAC模型在ERP系统中的研究与实现[J].计算机技术与发展,2007,(01):9.
 YANG Zong-kai,LI Qin,XIAO Yu,et al.Research and Realization of T- RBAC Model in ERP System[J].,2007,(01):9.
[6]石晓耀 张维成 江颉.基于RBAC的软件自主实验平台设计[J].计算机技术与发展,2007,(10):230.
 SHI Xiao-yao,ZHANG Wei-cheng,J IANG Jie.Design of Software Self- Guidance Experiment Platform Based on RBAC[J].,2007,(01):230.
[7]杜诗军 王瑞民 周清雷.RBAC在网络管理上的应用[J].计算机技术与发展,2007,(03):166.
 DU Shi-jun,WANG Rui-min,ZHOU Qing-lei.Application of RBAC to Administration of Networks[J].,2007,(01):166.
[8]孙尚辉 曹宝香 王廷蔚.扩展RBAC模型在文档管理中的应用[J].计算机技术与发展,2007,(03):210.
 SUN Shang-hui,CAO Bao-xiang,WANG Ting-wei.Application of Extended Role- Based Access Control Model in Document Management[J].,2007,(01):210.
[9]司莹莹 王洪.访问控制策略的研究[J].计算机技术与发展,2007,(04):100.
 SI Ying-ying,WANG Hong.Research on Access Control Strategy[J].,2007,(01):100.
[10]景栋盛 杨季文.一种基于任务和角色的访问控制模型及其应用[J].计算机技术与发展,2006,(02):212.
 JING Dong-sheng,YANG Ji-wen.A Model of Task- Role Based Access Control and Its Application[J].,2006,(01):212.

更新日期/Last Update: 2019-01-10