计算机工程与应用 ›› 2011, Vol. 47 ›› Issue (24): 12-16.

• 博士论坛 • 上一篇    下一篇

SaaS平台访问控制研究

朱养鹏1,2,张 璟1   

  1. 1.西安理工大学 计算机学院,西安 710048
    2.西安石油大学 经济管理学院,西安 710065
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2011-08-21 发布日期:2011-08-21

Research on access control of SaaS platform

ZHU Yangpeng1,2,ZHANG Jing1   

  1. 1.School of Computer,Xi’an University of Technology,Xi’an 710048,China
    2.School of Economic & Management,Xi’an Shiyou University,Xi’an 710065,China
  • Received:1900-01-01 Revised:1900-01-01 Online:2011-08-21 Published:2011-08-21

摘要: Saas平台软件交付模式将应用软件以服务的形式提供给客户,可缩减硬件采购、系统管理上的开销。由于租户数据统一存储于服务提供商处,如何在维持较高资源利用率的同时保障租户的数据安全是一个挑战性问题。针对租户角色复杂、各租户数据共存而又独立访问的要求,结合基于角色的访问控制模型,构建了支持多租户、多角色、方便租户权限管理的SaaS平台的访问控制模型。和传统基于角色的访问控制模型相比,该模型增加了租户的概念,以租户为基本单元实施平台的访问控制,提高了SaaS平台访问控制的安全性和可管理性。分析了用户访问SaaS平台的具体流程,给出了模型的形式语言描述,实现了SaaS餐饮管理平台访问控制的数据库的物理模型,为SaaS平台开发提供参考。

关键词: 软件及服务, 多租户, 权限控制

Abstract: Software as a service is a new software deliver model which provides software services for customers and reduces hardware purchase and system management cost.As tenant’s data being kept in service provider,how to protect the tenant data while keeping high resource use rate is a challenge problem.To deal with the problem about complex tenant role and meet the request of all tenants’ data saving together and accessing separately,a supporting multi tenants,multi roles and easy access control SaaS model based on RBAC is proposed.Comparing with traditional RBAC,the conception of tenants is added in this model,which develops platform access control based on tenants and enhances the security and management for SaaS platform.This paper analyzes the process of user accessing to the SaaS platform and provides formal language description for this model,realizes a SaaS hotel management platform access control’s database physical model and provides suggestion for SaaS platform development.

Key words: software as a service, multi tenant, access control