本文選題：SaaS + 權(quán)限管理　； 參考：《北京郵電大學(xué)》2016年碩士論文

【摘要】：隨著互聯(lián)網(wǎng)的快速發(fā)展,SaaS因其可維護(hù)性強(qiáng)的特點(diǎn),越來(lái)越受到企業(yè)的重視。在把SaaS模式引入企業(yè)信息系統(tǒng)后,解決了傳統(tǒng)ERP不足的同時(shí),也引來(lái)了企業(yè)對(duì)數(shù)據(jù)安全和權(quán)限管理的擔(dān)憂(yōu)。本文基于SaaS的軟件交付模式,設(shè)計(jì)實(shí)現(xiàn)了云招標(biāo)系統(tǒng)(面向招標(biāo)公司業(yè)務(wù)的SaaS平臺(tái))用戶(hù)管理模塊。主要內(nèi)容包括結(jié)合對(duì)需求的分析與理解,設(shè)計(jì)與實(shí)現(xiàn)包括三個(gè)方面,分別為用戶(hù)角色管理,權(quán)限管理與訪問(wèn)控制和租戶(hù)數(shù)據(jù)隔離。通過(guò)打標(biāo)簽的方式建立用戶(hù)和角色的映射關(guān)系。在企業(yè)角色層級(jí)中引入權(quán)限管理的同時(shí),加入了對(duì)用戶(hù)個(gè)人授權(quán)的機(jī)制。實(shí)現(xiàn)了在流程系統(tǒng)中控制粒度可以具體到請(qǐng)求的同時(shí),也可以按照用戶(hù)角色層級(jí)關(guān)系、管轄項(xiàng)目以及由多個(gè)請(qǐng)求組成的一個(gè)流程步驟等進(jìn)行靈活控制,并提供了對(duì)訪問(wèn)權(quán)限進(jìn)行只讀和可寫(xiě)權(quán)限的控制機(jī)制。本文著重于讓權(quán)限管理更好的支持工作流管理與控制,大幅度減輕工作流的邏輯負(fù)擔(dān),讓工作流僅需負(fù)責(zé)維護(hù)各實(shí)體的流程狀態(tài)。在企業(yè)用戶(hù)中,有權(quán)限的用戶(hù)范圍比應(yīng)該操作的用戶(hù)范圍廣泛,通過(guò)對(duì)權(quán)限分層,確定通知操作的用戶(hù)。通過(guò)給請(qǐng)求增加屬性,從而對(duì)訪問(wèn)控制實(shí)現(xiàn)更加細(xì)致的控制,如實(shí)現(xiàn)在用戶(hù)個(gè)人授權(quán)時(shí)適當(dāng)擴(kuò)展讀權(quán)限或工作流中的誤操作處理等。配合權(quán)限模塊控制系統(tǒng)中操作元素的顯示與隱藏,完成控制工作流的同時(shí),保證系統(tǒng)安全。本文第一章介紹了系統(tǒng)模塊的研究背景、國(guó)內(nèi)外的研究現(xiàn)狀和研究意義,第二章介紹了系統(tǒng)開(kāi)發(fā)涉及的背景知識(shí)和相關(guān)技術(shù),第三章對(duì)系統(tǒng)模塊進(jìn)行了需求整理和分析,第四章詳細(xì)介紹了模塊中關(guān)鍵技術(shù)的研究?jī)?nèi)容,第五章主要介紹了工程的技術(shù)實(shí)現(xiàn)細(xì)節(jié),第六章描述了模塊的實(shí)現(xiàn)效果和主要的測(cè)試用例。
[Abstract]:With the rapid development of Internet, SaaS is paid more and more attention by enterprises because of its strong maintainability.After introducing SaaS mode into enterprise information system, it solves the shortage of traditional ERP, and at the same time, it also causes the concern of data security and authority management.Based on the software delivery mode of SaaS, this paper designs and implements the user management module of cloud bidding system (SaaS platform for bidding company business).The design and implementation includes three aspects: user role management, privilege management and access control, and tenant data isolation.The mapping between the user and the role is established by tagging.At the same time, the authority management is introduced into the enterprise role level, and the mechanism of individual authorization to the user is added.It is realized that the control granularity can be specified to the request in the process system, but also can be controlled flexibly according to the user role hierarchy, the control project and a process step composed of multiple requests, etc.It also provides the control mechanism of read-only and writable access rights.This paper focuses on enabling privilege management to better support workflow management and control, greatly reducing the logical burden of workflow, and making workflow only responsible for maintaining the process state of each entity.Among enterprise users, the scope of authorized users is wider than that of users that should be operated, and the users of notifying operations are determined by stratifying the permissions.By adding the attribute to the request, we can control the access control more carefully, and extend the read permission or the misoperation processing in the workflow when the user is authorized according to the facts.Cooperating with the authority module to control the display and hiding of the operation elements in the system, the control workflow is completed and the security of the system is ensured at the same time.The first chapter of this paper introduces the research background of the system module, the domestic and foreign research status and research significance, the second chapter introduces the background knowledge and related technology involved in the system development, the third chapter carries on the demand arrangement and the analysis to the system module.The fourth chapter introduces the research contents of the key technologies in the module in detail, the fifth chapter mainly introduces the technical implementation details of the engineering, and the sixth chapter describes the implementation effect of the module and the main test cases.
【學(xué)位授予單位】：北京郵電大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2016
【分類(lèi)號(hào)】：TP311.52;TP393.09

【參考文獻(xiàn)】

相關(guān)期刊論文 前9條

1 趙衛(wèi)東;畢曉清;盧新明;;基于角色的細(xì)粒度訪問(wèn)控制模型的設(shè)計(jì)與實(shí)現(xiàn)[J];計(jì)算機(jī)工程與設(shè)計(jì);2013年02期

2 向華萍;付智輝;胡林峰;;支持授權(quán)委托的細(xì)粒度角色訪問(wèn)控制模型[J];江西師范大學(xué)學(xué)報(bào)(自然科學(xué)版);2011年04期

3 邢漢發(fā);許禮林;雷瑩;;基于角色和用戶(hù)組的擴(kuò)展訪問(wèn)控制模型[J];計(jì)算機(jī)應(yīng)用研究;2009年03期

4 魏永合;王成恩;馬明旭;;工作流系統(tǒng)中的委托授權(quán)機(jī)制研究[J];計(jì)算機(jī)集成制造系統(tǒng);2009年01期

5 宋加強(qiáng);王新生;;基于委托的虛擬組織工作流訪問(wèn)控制模型研究[J];燕山大學(xué)學(xué)報(bào);2008年01期

6 柯昌正;黃厚寬;;Ajax技術(shù)的原理與應(yīng)用[J];鐵路計(jì)算機(jī)應(yīng)用;2007年01期

7 徐震,李斕,馮登國(guó);基于角色的受限委托模型[J];軟件學(xué)報(bào);2005年05期

8 裘炅,譚建榮,張樹(shù)有,馬晨華;應(yīng)用角色訪問(wèn)控制的工作流動(dòng)態(tài)授權(quán)模型[J];計(jì)算機(jī)輔助設(shè)計(jì)與圖形學(xué)學(xué)報(bào);2004年07期

9 董光宇,卿斯?jié)h,劉克龍;帶時(shí)間特性的角色授權(quán)約束[J];軟件學(xué)報(bào);2002年08期

相關(guān)博士學(xué)位論文 前3條

1 翟治年;企業(yè)級(jí)協(xié)作環(huán)境中訪問(wèn)控制模型研究[D];華南理工大學(xué);2012年

2 朱一群;Web服務(wù)訪問(wèn)控制研究[D];上海交通大學(xué);2008年

3 葉春曉;基于角色訪問(wèn)控制（RBAC）中屬性約束委托模型研究[D];重慶大學(xué);2005年

相關(guān)碩士學(xué)位論文 前2條

1 李寧;基于角色的細(xì)粒度與高效安全撤銷(xiāo)的訪問(wèn)控制模型研究[D];廈門(mén)大學(xué);2009年

2 涂鴻雁;基于角色的Web服務(wù)訪問(wèn)控制研究[D];大連理工大學(xué);2006年

，

本文編號(hào)：1772470