TY - JOUR
T1 - Role and object domain-based access control model for graduate education information system
AU - Jin, Gangzeng
AU - Wang, Daojiang
AU - Yang, Dawei
AU - Hong, Daocheng
AU - Dong, Qiwen
AU - Wang, Ye
N1 - Publisher Copyright:
© 2020 The Authors. Published by Elsevier B.V.
PY - 2020
Y1 - 2020
N2 - With the booming of Chinese education informatization 2.0, East China Normal University proposes to design a new generation system of graduate education to provide better services for teachers and students. Within the graduate education system, ensuring system service availability and data security has become the primary challenge, and access control is one of the main strategies for Network security prevention and protection [1]. Hence, we proposed the role and object domain-based access control model (RDBAC) which specifies the object domain category for each role based on prior works. In the new model, when the account is assigned a role, the system specifies a specific object domain instance to achieve more fine-grained access control to student objects. Besides, on the basis of the formulation of RESTful [2] API specification and Trie tree, a matching algorithm is proposed to optimize the matching efficiency between access requests and URL patterns for more efficient system authorization. Furthermore, a comparison experiment with the regular method verifies that the Trie tree method has good performance on graduate education system including URL pattern construction, matching, and scalability. Our research also establishes that future advance of access control is a valuable avenue for education system development and will inspire much more design research for education information systems.
AB - With the booming of Chinese education informatization 2.0, East China Normal University proposes to design a new generation system of graduate education to provide better services for teachers and students. Within the graduate education system, ensuring system service availability and data security has become the primary challenge, and access control is one of the main strategies for Network security prevention and protection [1]. Hence, we proposed the role and object domain-based access control model (RDBAC) which specifies the object domain category for each role based on prior works. In the new model, when the account is assigned a role, the system specifies a specific object domain instance to achieve more fine-grained access control to student objects. Besides, on the basis of the formulation of RESTful [2] API specification and Trie tree, a matching algorithm is proposed to optimize the matching efficiency between access requests and URL patterns for more efficient system authorization. Furthermore, a comparison experiment with the regular method verifies that the Trie tree method has good performance on graduate education system including URL pattern construction, matching, and scalability. Our research also establishes that future advance of access control is a valuable avenue for education system development and will inspire much more design research for education information systems.
KW - Access control model
KW - Education informatization
KW - Graduate education information system
KW - Information security
KW - String mathcing algorithm
UR - https://www.scopus.com/pages/publications/85093360156
U2 - 10.1016/j.procs.2020.09.133
DO - 10.1016/j.procs.2020.09.133
M3 - 会议文章
AN - SCOPUS:85093360156
SN - 1877-0509
VL - 176
SP - 1241
EP - 1250
JO - Procedia Computer Science
JF - Procedia Computer Science
T2 - 24th KES International Conference on Knowledge-Based and Intelligent Information and Engineering Systems, KES 2020
Y2 - 16 September 2020 through 18 September 2020
ER -