作　　者： ; ;

机构地区： 华南农业大学经济管理学院

出　　处： 《汕头大学学报（自然科学版）》 2020年第2期47-53,共7页

摘　　要： B/S结构管理信息系统能够有效地克服C/S结构"信息封闭、效率低下和难以协同"的缺点,但因其开放性导致存在严重安全隐患.如何在业务流程有序控制限制下,实现业务数据的安全访问控制和灵活授权管理,成为B/S结构管理信息系统安全机制的关键问题.主流基于角色的访问控制RBAC模型通过"用户-角色-权限"的授权机制实现安全访问控制和灵活授权管理,但RBAC没有提供业务流程控制机制,因而难以应用到具有严格的业务流程次序操作的实体信息系统中.基于对RBAC模型的改进,提出基于双角色的权限访问控制DRBAC模型,是在实现安全访问控制和灵活授权管理的同时,提供了一种业务流程控制机制,能够较好适应具有严格操作次序要求的B/S结构实体信息系统. The B/S structure management information system can effectively overcome the shortcomings of"information closed, inefficient and difficult to cooperate"in the C/S structure.On the other hand, it leads to security problems because of its openness. For the B/S structure management information system, how to realize the secure access control and flexible authorization management under the restriction of the orderly control of student charging business process is the key problem of the security mechanism. The role-based access control(RBAC) model implements secure access control and flexible authorization management through a user-roleprivilege authorization mechanism, but RBAC does not provide a business operation sequence control mechanism. Therefore, it is difficult to adapt to the strict operational order requirements in the business process. The dual-role-based access control(DRBAC)model is an improvement to the RBAC mode. It provides a mechanism of business operation sequence control while implementing secure access control and flexible authorization management. Therefore, it adapts to the strict operation order requirement in the actual business process.

关 键 词： 安全访问控制 授权管理 管理信息系统

领　　域： []