權限控管系統中持續性物件之設計及實作

我們在一個以Web-based MVC架構設計的權限控管系統中，加入持續化物件，並使用持續化物件來取代原來使用SQL架構。由於一個系統常會因為功能需求的增加而對資料表有所變動，在傳統使用大量SQL語法的程式架構下，改變資料表意味著所有使用到改變資料表的SQL語法都必須去修改，這對一個大系統來說花費會相當大且維護不易。所以在論文中我們使用持續化物件來解決這個問題。在本論文中，我們將每一個資料表都設計一個對應的持續化物件，並使用設計的持續化物件來存取資料庫資料。所以當資料表間的關係有所改變時，如原本一對一改變為一對多則只需要修改對應的物件設定檔即可。在權限控管系統中使用持續化物件，不但可以減少SQL的使用，更可以因為是使用物件的方式而降低系統的維護成本。

關鍵字

以角色為主之權限控管；持續化物件

並列摘要

In this thesis, we added persistent objects to an existing role-based access control system that was implemented using a web-based MVC framework. The original SQL statements were replaced by persistent objects. A system needs to change its table schema when more requirements are needed. However, changing table schema means that all related SQL statements will be changed as well. For a large system, this would be costly and make maintenance difficult. We proposed to use persistent objects to solve this problem. For each table, a corresponding persistent object was created. The persistent object was used to store the data in the data base. Therefore, when the relationship between different tables changes, all that needs to do is to change the corresponding object setting file. By using persistent objects in the role based access control system, we reduced not only the number of SQL statements but also the maintenance cost. Keyword：Role-Based Access Control、Persistent Object、Hibernate

並列關鍵字

Hibernate ； Role-Based Access Control ； Persistent Object

參考文獻

[3]. Ravi S. Sandhu, Venkata Bhamidipati, and Qamar Munawer, "The

ARBAC97 Model for Role-Based Administration of Roles", ACM

[7]. Joon S.Park,Keith P.Costello,Teresa M.Neven and Josh A.Diosomito,”A Composite RBAC Approach for Large, Complex Organizations” in Proceedings. ACM SACMAT 2004, pp.163–172.

[1]. David F. Ferraiolo and D. Richard Kuhn, "Role-Based Access

Google Scholar

Controls," in Proceedings of the 15th NIST-NSA National Computer

Google Scholar

國際替代計量

權限控管系統中持續性物件之設計及實作

全文下載

主題瀏覽