According to the design of repeatability in privilege management and the shortage of the existing RBAC model in practical applications, this paper puts forward a kind of improved RBAC model. The model, mainly based on the role authorization, has added the mechanism of direct user authorization, shielding part of authorization in roles and solving the distribution of exclusive authorization by priority. The paper, using the model from the viewpoint of reuse, designs and implements a self-adapting authority component in system. It realizes the component of authority management and increases the efficiency of software development in the future.%针对权限管理在设计上存在的重复性及现有RBAC模型在实际应用中存在的不足,本文提出了一种改进的RBAC模型,该模型在主要对角色授权的基础上加入了对用户的直接授权、屏蔽角色中的部分权限和利用优先级解决互斥权限分配的机制.利用该模型从复用的角度设计并实现了一个具有自适应性的系统级权限构件,实现了权限管理的构件化,为以后的软件开发提高效率.
展开▼
