Design and Implementation of Role-Based Access Control on the Web
碩士 === 國立臺灣大學 === 資訊工程學研究所 === 88 === Huge companies provide Web-based services to their external and internal clients who can access information in a uniform manner. WWW becomes a standard user interface and plays a key role in e-commerce and information management. However, the security problems a...
Main Authors: | , |
---|---|
Other Authors: | |
Format: | Others |
Language: | zh-TW |
Published: |
2000
|
Online Access: | http://ndltd.ncl.edu.tw/handle/58713594763993352940 |
id |
ndltd-TW-088NTU00392027 |
---|---|
record_format |
oai_dc |
spelling |
ndltd-TW-088NTU003920272016-01-29T04:18:37Z http://ndltd.ncl.edu.tw/handle/58713594763993352940 Design and Implementation of Role-Based Access Control on the Web 以角色為基礎作網頁伺服器的存取控制之系統設計與實作 Jau-Hao Tseng 曾俊豪 碩士 國立臺灣大學 資訊工程學研究所 88 Huge companies provide Web-based services to their external and internal clients who can access information in a uniform manner. WWW becomes a standard user interface and plays a key role in e-commerce and information management. However, the security problems are more and more serious, including unauthorized access especially in a dynamic and complex Web environment. The current approach to access control is “Access Control List (ACL)” that is costly and prone to error. Recently there is much research on “Role-Based Access Control (RBAC)” that is a promising technology for reducing cost and complexity of security administration. This thesis describes two models to implement RBAC on the Web. The basic model adds the RBAC capability to a Web server. The advanced model is firewall architecture and supports RBAC on a Web proxy. Two models are compatible to current Web standards and place no requirements on Web browsers. Besides, the design relies on off-the-shelf components so the implementation is very easy. Jau-Hsiung Huang 黃肇雄 2000 學位論文 ; thesis 36 zh-TW |
collection |
NDLTD |
language |
zh-TW |
format |
Others
|
sources |
NDLTD |
description |
碩士 === 國立臺灣大學 === 資訊工程學研究所 === 88 === Huge companies provide Web-based services to their external and internal clients who can access information in a uniform manner. WWW becomes a standard user interface and plays a key role in e-commerce and information management. However, the security problems are more and more serious, including unauthorized access especially in a dynamic and complex Web environment. The current approach to access control is “Access Control List (ACL)” that is costly and prone to error. Recently there is much research on “Role-Based Access Control (RBAC)” that is a promising technology for reducing cost and complexity of security administration. This thesis describes two models to implement RBAC on the Web. The basic model adds the RBAC capability to a Web server. The advanced model is firewall architecture and supports RBAC on a Web proxy. Two models are compatible to current Web standards and place no requirements on Web browsers. Besides, the design relies on off-the-shelf components so the implementation is very easy.
|
author2 |
Jau-Hsiung Huang |
author_facet |
Jau-Hsiung Huang Jau-Hao Tseng 曾俊豪 |
author |
Jau-Hao Tseng 曾俊豪 |
spellingShingle |
Jau-Hao Tseng 曾俊豪 Design and Implementation of Role-Based Access Control on the Web |
author_sort |
Jau-Hao Tseng |
title |
Design and Implementation of Role-Based Access Control on the Web |
title_short |
Design and Implementation of Role-Based Access Control on the Web |
title_full |
Design and Implementation of Role-Based Access Control on the Web |
title_fullStr |
Design and Implementation of Role-Based Access Control on the Web |
title_full_unstemmed |
Design and Implementation of Role-Based Access Control on the Web |
title_sort |
design and implementation of role-based access control on the web |
publishDate |
2000 |
url |
http://ndltd.ncl.edu.tw/handle/58713594763993352940 |
work_keys_str_mv |
AT jauhaotseng designandimplementationofrolebasedaccesscontrolontheweb AT céngjùnháo designandimplementationofrolebasedaccesscontrolontheweb AT jauhaotseng yǐjiǎosèwèijīchǔzuòwǎngyècìfúqìdecúnqǔkòngzhìzhīxìtǒngshèjìyǔshízuò AT céngjùnháo yǐjiǎosèwèijīchǔzuòwǎngyècìfúqìdecúnqǔkòngzhìzhīxìtǒngshèjìyǔshízuò |
_version_ |
1718167357566746624 |