摘要： 分析基于角色的访问控制模型，提出一种基于RBAC模型的细粒度权限管理方法。引入细粒度权限管理的概念，把资源的访问权限按尽量小的粒度分解，并把分解后的权限分配给角色，通过给用户分配角色以及角色之间的继承关系简化权限的管理。基于RBAC模型的细粒度权限管理系统验证了该方法的正确性。该方法的设计和实现过程对于同类软件的开发具有参考价值。

关键词: 角色, 访问控制, RBAC模型, 细粒度访问控制

Abstract: A method of finely granular access control based on RBAC is brought forward after the discussion of the access control model based on role. This paper proposes the idea about finely granular access control, decomposes the access privilege of sources to less granularity, and the privilege is assigned to role, then access control can be managed easily by defining the user of the role and the inherit of roles. The validity of method is proved by the successful system of finely granular access control based on RBAC. Design and implementation process of the method have referenced value to similar software’s development.

Key words: role, access control, RBAC model, finely granular access control

中图分类号: 

• TP311.5