一种大型企业集中化分级授权管理体系设计
A Design for a Centralized Hierarchical Authorization Management System used in Large Enterprises
俞平1
作者信息
摘要
大型企业一体化应用平台运营过程中既需要集中化管理各类业务系统的访问权限,又需要满足各层级业务单元分级授权管理的需求.立足于上述需求,基于角色的访问控制理论,结合抽取共性特征、面向抽象授权、分层设计等思想设计提出了授权体系.该体系既支持对应用、模块、菜单、功能等管理颗粒度,又支持各种维度类型的数据颗粒度进行单一授权管理和分级授权管理,从而为大型企业提供一种多维度、属地化的通用授权管理解决方案.
Abstract
This paper is primarily designed to meet the needs of large-scale enterprises in the centralized management of access permissions for various business systems during the operation of an integrated application platform,as well as the demand for hierarchical authorization management for business units.Based on the theory of Role-Based Access Control(RBAC),and integrating ideas such as extracting common features,abstract authorization,and layered design,this paper proposes an authorization management system.The system supports management granularity for applications,modules,menus,functions,etc.,and also supports single authorization management and hierarchical authorization management for various dimension types of data granularity.Thus,it provides a multi-dimensional,localized general authorization management solution for large group enterprises.
关键词
分级授权/访问控制/共性特征抽取/面向抽象授权Key words
hierarchical authorization/access control/common feature extraction/abstract authorization oriented引用本文复制引用
出版年
2024
NETL
NSTL
万方数据