摘要： 资源的差异性和权限管理的复杂性导致不同应用系统中的权限管理子系统难以通用。针对上述问题，通过扩展ASP.net中已部分实现的基于角色的访问控制并扩展资源管理部分，设计一个可以在中小型Web应用系统中通用的权限管理子系统。从访问控制的粒度出发，以实例阐述其实现的关键技术，证明该系统可以简化权限管理的设计与实现，有效降低Web应用系统开发的工作量。

关键词: 角色, 访问控制, 权限管理, 资源管理, 通用性

Abstract: Privilege management subsystems are difficult to be reused in different application systems because of the differences in resources and complexity of privilege management. This paper designs a universal privilege management system that can be reused in small-and-medium-sized Web application system by expanding Role-Based Access Control(RBAC) partly implemented in ASP.net and complementing resources management. Its key technologies are expatiated with some examples from the granularity of access control, and it is proved that the system can simplify the design and implementation of privilege management and reduce the workload of Web application system development.

Key words: role, access control, privilege management, resource management, universality

中图分类号: 

• TP311