
On the Design of Role-Based Access Control Model-A View from Bank Application System (角色基存取權控管模式之系統設計──以銀行臨櫃系統為例)

Advisor: Dr. 劉俞志

Abstract


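In recent years, the development of enterprise information systems has shifted from building the systems to emphasizing information security. Information security means not only preventing outsiders from improperly accessing, damaging, or paralyzing information systems, but also guarding against the possibility that insiders misuse the systems, commit fraud, or leak corporate secrets. In particular, after many incidents in which insiders abused information systems and caused tangible and intangible losses, controlling employees' access rights to information resources has become an important security control mechanism for enterprises. The main purpose of this thesis is to explore how to apply the Role-Based Access Control (RBAC) model to the front line where the banking industry's daily transactions take place: the teller system. The thesis therefore builds the RBAC model on a relational database and uses SQL to implement the granting and revocation of access rights/roles as well as the various constraints. The Enhanced Entity-Relationship model is used to describe the logical architecture of the whole system. After the discussion and implementation in this thesis, implementing the RBAC model on a relational database and applying it to access control for a bank teller system is shown to be a low-cost and practically feasible approach to access control.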

Parallel Abstract


Recently, the focus in the development of enterprise information systems has moved from implementation to security. Information security concerns not only unsuitable access, destruction, and paralysis by outsiders, but also abuse, fraud, and divulgence of business information by insiders. In particular, as employees misuse information systems and cause tangible and intangible losses, controlling employees' access to systems becomes an important security measure. The purpose of this thesis is to study the use of RBAC in enterprise application systems. It takes the banking industry's system as an example, limited to the front line of daily transactions: the Teller System. The thesis implements the RBAC model on a relational database and uses SQL to carry out the revoke, invoke, and constraints of access/role control. The Entity-Relationship model is used to describe the logical architecture of the whole system. Through the research and practice in this thesis, using the Entity-Relationship model for RBAC and implementing it on a bank's Teller System for access control, RBAC is shown to be a cost-effective and workable methodology.

Keywords

RBAC
