- 學位論文
以群組為基礎之多個以角色為基礎的權限控管系統環境研究與實作
Group-Based of Role-Based Access Control System in Multi-Domain Environments
摘要
我們設計一種以群組為基礎的方法去整合多個以角色為主的權限控管系統。我們在權限控管系統中加入Multi-Domain Controller (MDC)元件,透過Group Server建立群組,將有需要合作的權限控管系統建成同一群組,因為建立Group可以方便管理,並減少權限確認動作,提升整合多個權限控管系統後的系統效率。 我們實作一個圖書館系統,應用程式以Web Service方式跟權限控管系統溝通,使用者在登入系統後可點選功能。當要求的權限不屬於本機權限控管系統時,可透過MDC元件,經由Group Server對屬於相同群組的權限控管系統來要求權限。
並列摘要
We proposed a group-based approach to integrate different role-based access control systems. A multi-domain controller (MDC) component was designed and was added to the role-based access control systems. MDC use a group server to establish groups so that systems within a group can cooperate with each other. Groups are easier to manage, can reduce permission check requests and thus improve the efficiency of integrated access control systems. We implemented a library system. The application uses web services to communicate with access control system. User can login the system to choose system’s functions. When a user requests a permission that belongs to other access control system, the multi-domain controller component will make request through group server for permissions in other access control system within the same group.