{"title":"企业应用环境中的数据权限设计","authors":"Ying Yuan, Xin Yi, Junbin ShangGuan","doi":"10.1109/AINIT59027.2023.10212755","DOIUrl":null,"url":null,"abstract":"With the continuous improvement of social informationization, the digitalization of corporate construction is also developing comprehensively. Data, as a crucial source for creating wealth and competitive advantage, is undoubtedly the most significant asset for all enterprises. However, many companies face the dilemma of insufficient data granularity and configuration flexibility, which undermines the security and availability of their data assets. Therefore, this paper proposes an Api-based data permission control model (ADPC) based on the theoretical foundation of RBAC in the background of data application in the enterprise environment. Firstly, the model maps data objects to different levels of environmental variables in the corporate department structure, then flexibly authorizes and controls permissions through API configuration, and finally verifies its security with SQL AST. The ADPC model was implemented using the Spring Boot, Spring Security and MyBatis framework and was applied in a real enterprise environment. Through this approach, the ADPC model effectively addresses the limitations of traditional data permission control mechanisms in the enterprise application environment.","PeriodicalId":276778,"journal":{"name":"2023 4th International Seminar on Artificial Intelligence, Networking and Information Technology (AINIT)","volume":"53 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Designing Data Permissions in the Enterprise Application Environment\",\"authors\":\"Ying Yuan, Xin Yi, Junbin ShangGuan\",\"doi\":\"10.1109/AINIT59027.2023.10212755\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With the continuous improvement of social informationization, the digitalization of corporate construction is also developing comprehensively. Data, as a crucial source for creating wealth and competitive advantage, is undoubtedly the most significant asset for all enterprises. However, many companies face the dilemma of insufficient data granularity and configuration flexibility, which undermines the security and availability of their data assets. Therefore, this paper proposes an Api-based data permission control model (ADPC) based on the theoretical foundation of RBAC in the background of data application in the enterprise environment. Firstly, the model maps data objects to different levels of environmental variables in the corporate department structure, then flexibly authorizes and controls permissions through API configuration, and finally verifies its security with SQL AST. The ADPC model was implemented using the Spring Boot, Spring Security and MyBatis framework and was applied in a real enterprise environment. Through this approach, the ADPC model effectively addresses the limitations of traditional data permission control mechanisms in the enterprise application environment.\",\"PeriodicalId\":276778,\"journal\":{\"name\":\"2023 4th International Seminar on Artificial Intelligence, Networking and Information Technology (AINIT)\",\"volume\":\"53 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-06-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2023 4th International Seminar on Artificial Intelligence, Networking and Information Technology (AINIT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/AINIT59027.2023.10212755\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 4th International Seminar on Artificial Intelligence, Networking and Information Technology (AINIT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AINIT59027.2023.10212755","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Designing Data Permissions in the Enterprise Application Environment
With the continuous improvement of social informationization, the digitalization of corporate construction is also developing comprehensively. Data, as a crucial source for creating wealth and competitive advantage, is undoubtedly the most significant asset for all enterprises. However, many companies face the dilemma of insufficient data granularity and configuration flexibility, which undermines the security and availability of their data assets. Therefore, this paper proposes an Api-based data permission control model (ADPC) based on the theoretical foundation of RBAC in the background of data application in the enterprise environment. Firstly, the model maps data objects to different levels of environmental variables in the corporate department structure, then flexibly authorizes and controls permissions through API configuration, and finally verifies its security with SQL AST. The ADPC model was implemented using the Spring Boot, Spring Security and MyBatis framework and was applied in a real enterprise environment. Through this approach, the ADPC model effectively addresses the limitations of traditional data permission control mechanisms in the enterprise application environment.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
