Abstract: This paper presents an extended Role-Based Access Controls(RBAC) model based on Core RBAC model. The model discusses object sets and operation sets in detail, established groups. It carries out restrictions on power in three dimensions and realized application-oriented architecture. It enhances security and maintenance. The model is applied to Enterprise Resourse Planning(ERP) system. It is the typical representative of enterprise information system. Application result in enterprise shows that the extended model is totally suitable to it.

Key words: Role-Based Access Controls(RBAC), object sets, Enterprise Resourse Planning(ERP)

摘要： 基于Core RBAC模型，提出扩展RBAC(基于角色访问控制)模型。该模型细化了客体集、操作集，提出了组别的概念，并对权限进行三维约束，实现了面向应用的RBAC体系结构，增强了系统的安全性和易维护性。结合企业信息化的典型代表——ERP系统，对扩展RBAC模型的具体实施进行分析。企业应用结果表明，该模型适用于企业信息化建设。

关键词: 基于角色访问控制, 客体集, 企业资源计划

CLC Number: 

• TP309.2