Application study of role-based access control under J2EE mode

• Information security • Previous Articles Next Articles

Application study of role-based access control under J2EE mode

<a href="https://www.joca.cn/EN/article/advancedSearchResult.do?searchSQL=(((XiaoBao Liu[Author]) AND 1[Journal]) AND year[Order])" target="_blank">XiaoBao Liu</a>,

电子科技大学机电学院

Received:2005-12-05 Revised:1900-01-01 Online:2006-06-01 Published:2006-06-01
Contact: XiaoBao Liu

J2EE模式下基于角色访问控制的应用

刘孝保, 杜平安

电子科技大学机电学院

通讯作者: 刘孝保

Abstract

Abstract: By using the container-based security mechanism of J2EE, the system security of J2EE can be managed by RBAC (Role-based Access Control) without code modification of J2EE components. RBAC was realized simply by the deployment descriptor configure of J2EE container. RBAC security strategy, executed to protect J2EE system resource based on the security truss of container, was picked up from deploy descriptor. Because the development of J2EE component separates from security, the developers of components can be absorbed in the businesses logic of components. Therefore, the cost of system development and maintenance will fall down, and the components become transplantable.

Key words: role-based access control, J2EE, declarative security strategy, deployment descriptor, configure

摘要： 利用J2EE基于容器的安全机制，将基于角色的访问控制（Role-Based Access Control，RBAC）融入J2EE安全之中，用RBAC来管理J2EE组件安全而不需修改各组件的代码。RBAC的实现只需通过容器部署描述符配置既可，系统运行时，容器从部署描述符中读取出相应的RBAC安全策略，然后根据安全策略执行安全验证，实现RBAC对系统资源的保护。这样，组件开发和系统安全相分离，开发人员可不关心系统安全，集中精力投入组件的业务逻辑开发，安全问题由组件组装人员、部署者和系统管理员来完成。因此，降低了对编程人员的要求和系统开发成本开发成本，也提高了系统组件的可移植性。

关键词: 基于角色的访问控制, J2EE, 申明性安全策略, 部署描述符, 配置

XiaoBao Liu;. Application study of role-based access control under J2EE mode[J]. Journal of Computer Applications.

刘孝保; 杜平安. J2EE模式下基于角色访问控制的应用[J]. 计算机应用.

[1]	Dayan ZHAO, Huajun HE, Yuping LI, Junbo ZHANG, Tianrui LI, Yu ZHENG. Access control model for government collaboration [J]. Journal of Computer Applications, 2025, 45(1): 162-169.
[2]	WANG Haiyong, PAN Qiqing, GUO Kaixuan. Access control model based on blockchain and user credit [J]. Journal of Computer Applications, 2020, 40(6): 1674-1679.
[3]	SUN Wei LI Yanling LU Jun. Authorization query method for RBAC based on partial MAX-SAT solver [J]. Journal of Computer Applications, 2013, 33(05): 1367-1390.
[4]	YE Chun-xiao GUO Dong-heng. Research on secure interoperation in multi-domain environment [J]. Journal of Computer Applications, 2012, 32(12): 3422-3425.
[5]	XIAO Jing-feng WANG Xiao-dong YAO Yu. Underground pipe network spatial analysis in large plant with ArcGIS [J]. Journal of Computer Applications, 2012, 32(09): 2675-2678.
[6]	XU Ling JIANG Xin-zhi ZHANG Jie. Design and implementation of two-dimensional code recognition system in mobile phone [J]. Journal of Computer Applications, 2012, 32(05): 1474-1476.
[7]	GAO Da-li SUN Ling XIN Yan. Constrained role-permission based delegation in pervasive computing [J]. Journal of Computer Applications, 2011, 31(05): 1298-1301.
[8]	. Flexible Agent delegation model based on RBAC [J]. Journal of Computer Applications, 2010, 30(07): 1797-1801.
[9]	. Research on private permission in RBAC role inheritance [J]. Journal of Computer Applications, 2010, 30(05): 1230-1232.
[10]	. Research on system of design reuse for parts based on ontology [J]. Journal of Computer Applications, 2009, 29(3): 716-721.
[11]	Yun Xia. Research of Hibernate frame-based data persistence and its application [J]. Journal of Computer Applications, 2008, 28(9): 2446-2448.
[12]	Run-lian ZHANG Xiao-nian WU Xiao-she DONG. Dynamic authorization scheme based on delegation in distributed system [J]. Journal of Computer Applications, 2008, 28(6): 1365-1368.
[13]	. Model for access control system based on RBAC and GFAC [J]. Journal of Computer Applications, 2008, 28(3): 612-614.
[14]	. G-R_TRBAC access control model in grid environment [J]. Journal of Computer Applications, 2008, 28(12): 3214-3216.
[15]	. Research,improvement and implementation of RBAC model [J]. Journal of Computer Applications, 2006, 26(12): 2945-2947.