摘要
访问控制是现代企业信息系统设计的核心,它控制用户行为,保护系统资源的安全。传统的访问控制模块的设计与应用系统紧密耦合,使其无法得到很好的复用。本文介绍了轻量级目录访问控制协议(LightweightDirectoryAccessProtocol,简称LDAP)和基于角色的访问控制基于角色的访问控制(Role-basedAccessControl,简称RBAC)模型,基于它们设计了一个高效、安全的访问控制系统。该系统在省邮政综合服务平台中的到应用,有效解决了原有系统设计中的一些弊端。
Access control plays an important role in the enterprise application system. It is used to control the user's behavior, and to ensure the safety of system resources, Conventionally, access control module is tightly integrated into the application system, which makes it difficult to reuse the access control module in the new systems, Re-developing the access control module under this condition will cause data redundant, which will make it difficult to maintain the base information and make the whole enterprise application systems unsafe. With the study of Lightweight Directory Access Protocol (LDAP) and Role-based Access Control (RBAC), we present the design of a secure access control system in this paper. The system is employed into the province's postal services platform. It is shown that it can successfully solve these problems.
出处
《微计算机信息》
北大核心
2006年第11X期97-99,76,共4页
Control & Automation
关键词
轻量目录访问协议
基于角色的访问控制
权限管理
系统集成
lightweight directory access protocol,role-based access control,authorization,system integration
