RBAC(Role Based Access Control)makes the system easier to use and improve robustness. Study model RBAC and list its defects in fine grain and expression ability. With UML modeling, refactored RBAC96, propose an expend-able object oriented RBAC model(OORBAC)with ability to tiny fine-grained access and supporting permission poset. Based on OORBAC combined with some GoF patterns, design a common framework superior in synchronous/asynchro-nous and poset permission relation’s expression, and supporting dynamic access control on fine granularity more efficiently.%角色访问控制(Role Based Access Control,RBAC)的应用提高了系统易用性和健壮性。分析了RBAC标准模型,指出其在细粒度和表达能力等方面的一些缺陷,结合UML对其重构,提出支持偏序权限建模的面向对象角色访问控制模型(Object Oriented Role Based Access Control,OORBAC),基于该模型结合部分GoF模式设计了通用应用框架。与其他应用框架相比有着良好的通用性,支持权限关系的同异步及偏序关系表达,并在细粒度动态访问控制上具有更好的效率。
展开▼