| Summary: | 碩士 === 中原大學 === 資訊工程研究所 === 92 === Due to the development of information technologies, more and more manual operations in enterprises are replaced by computerized operations. Thus, it is important to control user’s access permissions to enterprise information.
The Role-Based Access Control uses Roles as a mapping between users and permissions, which can simplify the management of the access rights. Dynamic Separation of Duty is an important characteristic of RBAC, which means that one can assign some DSD roles to a user, but those roles can not be activated at the same time.
In this thesis, we will research on how to design and implement DSD in an access control system. An administrator can specify the DSD relationship between the roles, and a user can select which DSD roles to be activated when he or she logins.
|
|---|
