The control to access resources in organization has become increasingly important,and Role Based Access control (RBAC)technology is rapidly developing along with the internet. In RBAC,The Role is a important concept,and must be properly constructed to reflect organizational access control policy and needs. In this paper we represent a RBAC model with this well-known modeling language UML to reduce a gap between security models and system developments. We specify the RBAC model with three views:static view,functional view,and dynamic view. Several frameworks for the development of role-based systems have been introduced. However , there are a few works specifying RBAC in a way which system developers can easily understand and refer to develop role-based systems.%基于角色的访问控制(RBAC)技术随着网络的迅速发展而发展,在RBAC中,角色是重要概念,它根据用户在组织内所处的角色进行访问授权与控制,通过角色沟通主体与客体。该文提出了用可视化标准建模语言UML的类图、用例图和交互图(合作图、顺序图)来描述了RBAC的相关概念。有效地帮助系统开发人员理解RBAC模型和建立基于角色的系统。
展开▼
