PERMIS PMI - based user authorization and access control
|School||Nanjing University of Technology and Engineering|
|Course||Applied Computer Technology|
|Keywords||authorization access control RBAC PMI PERMIS|
There are lots of application information systems in large corporations and enterprises. However different ways are usually used to implement systems’ privilege management, authorization service and access control. In actual environment there isn’t a mechanism to do unify privilege management about every system’s resources’ access. Huge costs are needed on these things, which are users’ privilege authorization and privilege maintenance. It needs thorough renewedly actualizing access control when changing system’s access control policy. It is hard to implement system’s access control on thin granularity and so on. A solution was designed to solve these problems above. These problems in many application systems base on J2EE may be resolved according to the solution.Theories of authorization and access control were studied in this thesis. The Role based Access Control was researched in detail. The PMI (Privilege Management Infrastructure)’s theories were discussed. And The PERMIS (PrivilEge and Role Management Infrastructure Standards validation) PMI was worked over. On this base a solution based on PERMIS PMI was designed and implemented. And a test about the solution was done on an antitype system.According to the thesis’s research and experiment, the solution possesses many characteristics: it uses AC as authorization carrier, and it can integrate with any authentication systems, and it has no relation with special applications, and it uses XML to establish system’s access control policy and so on. It adapts authorization service and privilege management of application systems, which have many users and roles and base on J2EE. And it can implement system’s access control on thin granularity. The solution has explored the authorization integration management of many systems beneficially.