An Object-Oriented Design of RBAC Systems─Taking an Insurance Company as an Example
碩士 === 國立交通大學 === 資訊管理所 === 88 === NIST has announced a new access control standard: Role-Based Access Control (RBAC), which is more applicable in the organizational context than traditional Discretionary Access Control (DAC) and Mandatory Access Control (MAC). Policies that are enforced...
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Others |
| Language: | zh-TW |
| Published: |
2000
|
| Online Access: | http://ndltd.ncl.edu.tw/handle/36511184095890222490 |
| id |
ndltd-TW-088NCTU0396006 |
|---|---|
| record_format |
oai_dc |
| spelling |
ndltd-TW-088NCTU03960062015-10-13T10:59:52Z http://ndltd.ncl.edu.tw/handle/36511184095890222490 An Object-Oriented Design of RBAC Systems─Taking an Insurance Company as an Example 以物件導向方式設計RBAC系統之研究─以保險業為例 Jyh-Chun Wang 汪志君 碩士 國立交通大學 資訊管理所 88 NIST has announced a new access control standard: Role-Based Access Control (RBAC), which is more applicable in the organizational context than traditional Discretionary Access Control (DAC) and Mandatory Access Control (MAC). Policies that are enforced in access control systems determine the level and sufficiency for the security of internal control over resource management. How to formulate these policies is the key to succeed in developing RBAC systems. In this thesis, the author defines two kinds of security policies--active policies and authorization policies─to enable the definitions of roles’ obligations and rights. In this thesis, the author describes security policies with object-oriented presentations. In this way, the presentation are easier to be communicated to system designers, programmers, and general users. A case study on insurance companies, which are regulated by laws of the Republic of China, is carried out to demonstrate the feasibility of the author’s ideas. Jing-Jang Hwang 黃景彰 2000 學位論文 ; thesis 44 zh-TW |
| collection |
NDLTD |
| language |
zh-TW |
| format |
Others
|
| sources |
NDLTD |
| description |
碩士 === 國立交通大學 === 資訊管理所 === 88 === NIST has announced a new access control standard: Role-Based Access Control (RBAC), which is more applicable in the organizational context than traditional Discretionary Access Control (DAC) and Mandatory Access Control (MAC).
Policies that are enforced in access control systems determine the level and sufficiency for the security of internal control over resource management. How to formulate these policies is the key to succeed in developing RBAC systems. In this thesis, the author defines two kinds of security policies--active policies and authorization policies─to enable the definitions of roles’ obligations and rights.
In this thesis, the author describes security policies with object-oriented presentations. In this way, the presentation are easier to be communicated to system designers, programmers, and general users. A case study on insurance companies, which are regulated by laws of the Republic of China, is carried out to demonstrate the feasibility of the author’s ideas.
|
| author2 |
Jing-Jang Hwang |
| author_facet |
Jing-Jang Hwang Jyh-Chun Wang 汪志君 |
| author |
Jyh-Chun Wang 汪志君 |
| spellingShingle |
Jyh-Chun Wang 汪志君 An Object-Oriented Design of RBAC Systems─Taking an Insurance Company as an Example |
| author_sort |
Jyh-Chun Wang |
| title |
An Object-Oriented Design of RBAC Systems─Taking an Insurance Company as an Example |
| title_short |
An Object-Oriented Design of RBAC Systems─Taking an Insurance Company as an Example |
| title_full |
An Object-Oriented Design of RBAC Systems─Taking an Insurance Company as an Example |
| title_fullStr |
An Object-Oriented Design of RBAC Systems─Taking an Insurance Company as an Example |
| title_full_unstemmed |
An Object-Oriented Design of RBAC Systems─Taking an Insurance Company as an Example |
| title_sort |
object-oriented design of rbac systems─taking an insurance company as an example |
| publishDate |
2000 |
| url |
http://ndltd.ncl.edu.tw/handle/36511184095890222490 |
| work_keys_str_mv |
AT jyhchunwang anobjectorienteddesignofrbacsystemstakinganinsurancecompanyasanexample AT wāngzhìjūn anobjectorienteddesignofrbacsystemstakinganinsurancecompanyasanexample AT jyhchunwang yǐwùjiàndǎoxiàngfāngshìshèjìrbacxìtǒngzhīyánjiūyǐbǎoxiǎnyèwèilì AT wāngzhìjūn yǐwùjiàndǎoxiàngfāngshìshèjìrbacxìtǒngzhīyánjiūyǐbǎoxiǎnyèwèilì AT jyhchunwang objectorienteddesignofrbacsystemstakinganinsurancecompanyasanexample AT wāngzhìjūn objectorienteddesignofrbacsystemstakinganinsurancecompanyasanexample |
| _version_ |
1716835422432133120 |