RBAC圖形化編輯器
1.5萬(wàn)字 46頁(yè)
包括開(kāi)題報(bào)告和任務(wù)書(shū)


摘 要

隨著Internet的迅猛發(fā)展，信息共享的程度進(jìn)一步提高，數(shù)字信息越來(lái)越深入的影響著社會(huì)生活的各個(gè)方面，而網(wǎng)絡(luò)上的信息安全問(wèn)題也日益突出。訪問(wèn)控制技術(shù)是信息安全的一項(xiàng)基本技術(shù)，而基于角色的訪問(wèn)控制（RBAC）技術(shù)解決了傳統(tǒng)訪問(wèn)控制技術(shù)的不足，借助于角色這個(gè)主體，將原來(lái)成千上萬(wàn)的用戶抽象成角色，用戶通過(guò)角色訪問(wèn)資源，建立這樣一種映射關(guān)系，大大提高了管理的效率。
到目前為止基于角色的訪問(wèn)控制（RBAC）模型已經(jīng)成功應(yīng)用于很多的信息系統(tǒng)中。但是隨著企業(yè)規(guī)模的不斷擴(kuò)大，員工之間關(guān)系也變的越來(lái)越復(fù)雜性。人們逐漸發(fā)現(xiàn)單純地使用Web頁(yè)面來(lái)操作RBAC模型變得非常的不方便，從而迫切需要一個(gè)有很好可用性的RBAC圖形化建模工具。
本文的主要工作就是開(kāi)發(fā)一個(gè)RBAC圖形化建模工具，并為用戶提供一個(gè)RBAC二次編程接口（GRBAC）。這個(gè)RBAC圖形化建模工具主要包括可視化RBAC對(duì)象關(guān)系編輯工具、可視化用戶編輯工具、可視化角色編輯工具、可視化權(quán)限編輯工具、可視化資源編輯工具和資源搜集工具。
應(yīng)用可以通過(guò)本文提供的工具對(duì)用戶、角色、權(quán)限和資源進(jìn)行管理和控制，尤其通過(guò)簡(jiǎn)單易用的二次編程接口實(shí)施最終的訪問(wèn)控制。

關(guān)鍵字：基于角色的訪問(wèn)控制，訪問(wèn)控制，角色

RBAC Graphical Editor

Abstract
With the rapid development of Internet, the degree of information sharing becomes further improved, digital information more in-depth impact on all aspects of social life, and on the network information security problems have become increasingly prominent. Access control technology is a basic information security technologies, and role-based access control (RBAC) technology solves the lack of traditional access control technology, through the use of this main role, abstracting the original tens of thousands of users into the role, users access resources through the role. the establishment of such a map greatly improving the management efficiency.
From now on RBAC model has been used in many information systems successfully.But as long as the enterprise becomes more and more larger, the relation between employees also become more and more complex.People finally find out that it is too inconvenient that just using some web pages to take action with RBAC model,thereby it is necessary that developping a GUI editor for RBAC modelling.
The main work is to develop a RBAC graphical modeling tool, and to provide users with a second RBAC programming interface (GRBAC). This RBAC graphical modeling tool mainly include visual the relations of RBAC objects editing tool, visual users editing tool, visual roles editing tool, visual permissions editing tools, visual resources editing tools and collecting resources tools.
Applications can use the tools provided by this paper to manage and contorl the users, roles, permissions and resources, especially through the easy-to-use programming interface to implement the final access control.

Key Words: RBAC, Access Control, Role


目 錄

1 緒 論 1
1.1 研究背景與意義 1
1.2 國(guó)內(nèi)外研究現(xiàn)狀 2
1.3 本文主要工作 3
1.4本文的組織結(jié)構(gòu) 4
2 系統(tǒng)關(guān)鍵技術(shù) 5
2.1 RBAC標(biāo)準(zhǔn)模型 5
2.1.1 RBAC的基本概念 5
2.1.2 RBAC參考模型 7
2.2 Java Swing圖形化技術(shù) 11
2.2.1 Swing簡(jiǎn)介 11
2.2.2 Swing組件 14
2.2.3 Swing組件的特性 17
2.3本章小結(jié) 18
3 系統(tǒng)需求和功能說(shuō)明 19
3.1 系統(tǒng)分布圖 19
3.2 系統(tǒng)基本功能模塊 20
3.2.1 XUDL工程管理模塊 20
3.2.2 可視化用戶編輯模塊 21
3.2.3 可視化角色編輯模塊 21
3.2.4 可視化權(quán)限編輯模塊 22
3.2.5 可視化資源編輯模塊 23
3.2.6 可視化RBAC對(duì)象關(guān)系編輯工具 23
3.2.7 資源搜集工具 24
3.3 本章小結(jié) 25
4 系統(tǒng)體系結(jié)構(gòu)和詳細(xì)設(shè)計(jì) 26
4.1 存儲(chǔ)層 26
4.2 邏輯層 31
4.3 表示層 34
4.4 本章小結(jié) 36
5 RBAC圖形化編輯器的應(yīng)用 37
5.1 提出問(wèn)題 37
5.2 系統(tǒng)概述 37
5.2.1 需求分析和設(shè)計(jì)目標(biāo) 37
5.2.2 開(kāi)發(fā)平臺(tái)與工具 37
5.2.3 系統(tǒng)架構(gòu)和權(quán)限管理結(jié)構(gòu) 38
5.3 IT企業(yè)的RBAC模型 39
5.4 用戶驗(yàn)證和訪問(wèn)控制 39
5.4.1 用戶驗(yàn)證 39
5.4.2 訪問(wèn)控制 40
5.5 系統(tǒng)體驗(yàn)結(jié)果分析 41
5.6 本章小結(jié) 41
結(jié)論 42
致謝 43
參考文獻(xiàn) 44


參考文獻(xiàn)
[1]John Barkley. ROLE BASED ACCESS CONTROL.Software Diagnostics and Conformance Testing National Institute of Standards and Technology
[2]David F. Ferraiolo, John F. Barkley, and D. Richard Kuhn. A Role Based Access Control Model and Reference Implementation within a Corporate Intranet. National Institute of Standards and Technology
[3]Tony Cincotta, Serban Gavrila,John Barkley."RBAC/Web Release 1.I". May20
[4]Jaeger, t .On the increased inportance of constraints.In Proceedings of t he Fourth A Workshop on Role-Based Access Control(Oct.)
[6]林磊，駱建彬，等.管理信息系統(tǒng)中基于角色的權(quán)限控制[J]計(jì)算機(jī)應(yīng)用研
[7]姜志紅，須德.基于Web的信息系統(tǒng)的用戶權(quán)限設(shè)置策略[J].北京交通大報(bào)