The Open Cybernetics & Systemics Journal

2015, 9 : 770-774
Published online 2015 July 31. DOI: 10.2174/1874110X01509010770
Publisher ID: TOCSJ-9-770

A New Type of WEB-based Access Control Method

Pang Xiyu and Huang Guolin
Shandong Jiaotong University, Shandong, 250357, P.R. China.

ABSTRACT

This paper has proposed a new type of WEB-based access control method which adopted the “Role-function model” user access control idea. By dividing business functions of the page in the bottom menu on the basis of the Web page organizational structure which is required by system business requirements and the user access control requirements, and using the business function as the basic unit of permission configuration, the user’s access to the page, the html elements contained in the page, their operation and other Web system resources are controlled through configuring the relationship among user, role, page, menu and the functions. The practical application showed that the access control model can effectively control user’s access to the Web system; in the meantime, it has simplified the user’s operation and possesses strong versatility, thereby efficiently reducing the workload of Web system development.

Keywords:

Business function, Role-function model, User access control, RBAC model, Role-function model, Validation method.