Dissertation > Industrial Technology > Automation technology,computer technology > Computing technology,computer technology > Computer applications > Computer network > General issues > Computer Network Security

Research and Achievement of Service-based Single Identity Access Control System

Author ShiJiaQi
Tutor ZhangAiXin; GeYan
School Shanghai Jiaotong University
Course Computer technology
Keywords information security RBAC identity management access control
CLC TP393.08
Type Master's thesis
Year 2012
Downloads 10
Quotes 0
Download Dissertation

IT systems in Banks are complex applications which are commonlytechnology-intensive, diversified, structural complexity. in the course ofoperation and maintenance, illegal operations, outsourcing, and sharingamong people often occur and lead to risk.Banks usually take double review,process management and other management systems to avoid or reduce IToperational risk, but in practice there are many problems such as weak is oftena process of implementation of the system is weak implementation, lack ofeffective supervision and other issues. Therefore, how to use technology toeffectively manage user rights, user control is a very important and urgentissue.Role-Based Access Control, RBAC, is an kind of access controlmodel which is used widely. But RBAC model has its own shortage. Forexample, In a large-scale enterprise such as the bank, people’s roles are notfixed in daily IT operations and maintenances, and requirements of accessingto IT systems are often changed, and many people own some exceptiveprivileges. In such Scenario, tradional RBAC model seems not flexible.This artical is for solve the shortage of RBAC model, and extendRBAC model and encapsulate it. On the basis of IT process feature of thebank, a service-based access control model is established, called SBAC. Inthis model,the concept of service replaces the concept of role in RBAC.Access control follows the processes of business services. No matter whatpeople change in a certain sevice process, the model can apply accessauthorization efficiently through people’s identity. The SBAC model improve the shotage of RBAC model which is not flexible in some scenes.Base on SBAC model, the bank established an account accesscontrol system, called single identity access control system, which fitoperation and maintenance system very well. This system was as a part ofsystem account security manangement platform, and was deployed in thebank. This access control system solved problem that system accounts weremanaged manually, and solved other problems such as account sharing,temporary authorization in emergency, control users’ privileges difficultly. Byusing service-based access control system, accessing to IT resources becomesmuch more convenience, efficient, and secure.

Related Dissertations
More Dissertations