In a distributed system, many functions use resources on different servers at the same time. Normally, each server has its own access control, so to use these functions we need to integrate access control across the servers. In this thesis, we designed a Multi-Domain Controller (MDC) to coordinate collaboration and role mapping between different RBAC systems. The collaboration relationship between RBAC systems tells the MDC that a user may use resources in other systems. Role mapping tells the MDC which roles a user holds in other systems, and therefore which permissions the user has there. We also implemented the MDC and used it to manage access control for two different RBAC systems: a laboratory member portal and a laboratory file server.
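The resolution path the abstract describes (collaboration relationship, then role mapping, then the target system's permissions) can be sketched as follows. This is an added example, not the thesis's implementation: the class and method names, the role names, the permission strings, and the choice to treat collaboration as directed and deny by default are all assumptions.

```python
from dataclasses import dataclass

@dataclass
class RBACDomain:
    name: str
    user_roles: dict  # user -> set of roles held in this domain
    role_perms: dict  # role -> set of permissions granted in this domain

class MultiDomainController:  # hypothetical sketch of an MDC
    def __init__(self, domains):
        self.domains = {d.name: d for d in domains}
        self.collaborations = set()  # directed (home, target) pairs (assumption)
        self.role_map = {}           # (home, home_role, target) -> target roles

    def collaborate(self, home, target):
        self.collaborations.add((home, target))

    def map_role(self, home, home_role, target, target_role):
        # Reject mappings between non-collaborating domains or to undefined
        # roles, so a typo cannot silently create or widen access.
        if (home, target) not in self.collaborations:
            raise ValueError(f"{home} does not collaborate with {target}")
        if home_role not in self.domains[home].role_perms:
            raise ValueError(f"{home} has no role {home_role!r}")
        if target_role not in self.domains[target].role_perms:
            raise ValueError(f"{target} has no role {target_role!r}")
        self.role_map.setdefault((home, home_role, target), set()).add(target_role)

    def foreign_roles(self, user, home, target):
        if (home, target) not in self.collaborations:
            return set()  # no collaboration: default deny
        roles = set()
        for role in self.domains[home].user_roles.get(user, set()):
            roles |= self.role_map.get((home, role, target), set())
        return roles

    def is_allowed(self, user, home, target, permission):
        perms = self.domains[target].role_perms
        return any(permission in perms[r]
                   for r in self.foreign_roles(user, home, target))

# Constructed sample data: a member portal and a file server.
portal = RBACDomain("portal",
    {"alice": {"professor"}, "bob": {"student"}, "carol": {"guest"}},
    {"professor": {"page:edit"}, "student": {"page:view"}, "guest": set()})
files = RBACDomain("fileserver", {},
    {"writer": {"file:read", "file:write"}, "reader": {"file:read"}})

def build_mdc():
    mdc = MultiDomainController([portal, files])
    mdc.collaborate("portal", "fileserver")
    mdc.map_role("portal", "professor", "fileserver", "writer")
    mdc.map_role("portal", "student", "fileserver", "reader")
    return mdc
```

A portal role with no mapping (here `guest`) resolves to no file-server roles, so an unmapped user is denied rather than given a fallback role.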