在基于角色的防控控制( RBAC)模型的基础之上,结合B/S架构下Web系统的特性,提出了一种基于角色-控制器的扩展RBAC模型,在权限与角色之间引入控制器的概念,将Web系统中的权限从本质上明确的分为视图与数据两种类型,结合Web访问过程中的url的传递,使Web系统中的权限处理更加灵活多变,能适应WEB应用环境下的特殊权限处理要求。在具体制造业信息系统项目中的实施结果分析证明,该模型能够更好的适应Web系统灵活多变的特性。%In combination with the characteristics of Web system under B/S architecture,a new model of RBAC based on role-con ̄trol er is put forward in this article. It introduces the concept of the control er between the authority and role and constitutional y divides the authorities of web system into two types,the view and the data. Dealing with the authority becomes more flexible and more suit ̄able for the special need of the authority of web system. It is proved that the model can be wel adaptable to different needs of the au ̄thority of WEB system in the project of manufacturing information system.
展开▼
