ĐẠI HỌC QUỐC GIA HÀ NỘI TRƯỜNG ĐẠI HỌC CÔNG NGHỆ NG N Đ T RT KHOÁ LUẬN TỐT NGHIỆ ĐẠI HỌC HỆ CHÍNH QUY Ngành: thơng tin HÀ NỘI - 2010 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com ĐẠI HỌC QUỐC GIA HÀ NỘI TRƯỜNG ĐẠI HỌC CÔNG NGHỆ NG N Đ T RT KHOÁ LUẬN TỐT NGHIỆ ĐẠI HỌC HỆ CHÍNH QUY Ngành: thơng tin Cán ướng dẫ T T N T ậ NỘ -2010 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com C C thông tin aC , Sinh viên P LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com p (MDS) nh mơ hình thi t k h th ng v i yêu c u an ninh c công c t ng t o ki n trúc ki m soát truy c p t - LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com 2.1 2.2 2.3 Model Driven Architecture 2.4 Role-Based Access Control 2.5 10 2.5.1 Enterprise JavaBeans 10 2.5.2 Enterprise Services for Net 12 : 13 3.1 14 3.2 16 4.1 20 21 4.1.1 21 4.1.2 26 4.2 29 4.3 30 4.3.1 30 4.3.2 31 4.3.3 32 4.4 4.4.1 33 33 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com 4.4.2 33 4.4.3 34 4.4.4 35 4.5 37 4.5.1 37 4.5.2 : 37 4.5.3 : 38 4.6 38 4.6.1 38 4.6.2 39 4.6.3 40 4.6.4 41 4.6.5 42 4.6.6 45 4.6.7 Test 56 4.7 62 63 64 65 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com Vi t Vi Gi ĩ tắt UML Unifiel Modeling Language Ngôn ng MDA Model Driven Architecture MDS Model Driven Security RBAC Role-Based Access Control EJB Enterprise JavaBeans M Java OCL Object constraint language MOF Meta-Object Facilty LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com Gớ Xây Xâ Tuy nhiên, v t ph -hoc ắ ôi ắ - H : - LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com : (Model Driven Architecture) (Model driven security - MDS) (access control) nh công khai dialect), truy nh LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com 2: Ta cho dialects( ph ) ki se JavaBeans (EJB) NET cho ĩ LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com 51: 52: 53: không tham gia 52 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com public ActionResult EditPost(int id) { if(isEditPost(id)) return View(repo.GetPost(id)); else{ TempData["Deny"] = ; return RedirectToAction("Details/" + repo.GetPost(id).CourseID); } } 54: 55: 53 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com 56: 57: 54 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com 58: ? public ActionResult Join(int id) { if (!User.Identity.Name.Equals("")&& repo.GetRole(repo.GetUser(User.Identity.Name).RoleID).JoinCourse==1) { user currentUser = repo.GetUser(User.Identity.Name); repo.JoinCourse(currentUser.IDD, id); return RedirectToAction("Details/" + id); } else return View("DenyJoin"); } 59: 55 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com 4.6.7 Test : viên CourseManager : viên thông tin : 56 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com : H viên : CourseManager : viên : CourseManager : viên : 57 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com CourseManager a admin : : viên n CourseManager : Course : 58 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com ng : : S CourseManag 59 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com : Admin : : CourseManager 60 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com : Admin : 61 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com 4.7 ậ 62 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com ậ n – MDS : ĩ ĩ ĩ c , secureUML 63 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com ướ , ? ắ ban 64 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com T [1] David Akehurs transformations in a metamodel fi In UML 2002 — fi Language Model Engineering, Languages, Concepts, and Tools 5th International Conference, Dresden, Germany, September/October 2002, Proceedings, volume 2460 of LNCS, pages 243–258 Springer Verlag, 2002 [2] Gail-Joon Ahn and Ravi S Sandhu The RSL99 language for role-based separation of duty constraints In Proceedings of the 4th ACM Workshop on Rolebased Access Control, pages 43–54 ACM Press, 1999 [3] Gail-Joon Ahn and Ravi S Sandhu Role-based authorization constraints fi -tion ACM Transactions on Information and System Security, 3(4):207226, November 2000 [4] Gail-Joon Ahn and Michael Eonsuk Shin UML-based representation of rolebased access control In 9th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE 2000), pages 195–200 IEEE Computer Society, June 2000 [5] Gail-Joon Ahn and Michael Eonsuk Shin Role-based authorization constraints fi I I I W on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE 2001), pages 157–162 IEEE Computer Society, June 2001 [6] Derek Beyer C# COM+ Programming John Wiley & Sons, book and cd-rom (october 15, 2001) edition, 2001 [7] Bernhard Beckert, Uwe Keller, and Peter H Schmitt Translating the Object fi -order predicate logic In Serve Autexier and Heiko fi W : I Y’ volume 02-07 of DIKU technical reports, pages 113–123, 2002 [9] D Brewer and M Nash The chinese wall security policy In Proceedings of the 1989 IEEE Symposium on Security and Privacy, pages 206–214 IEEE Computer Society Press, May 1989 65 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com [10] Fang Chen and Ravi S Sandhu Constraints for role-based access control In Proceedings of the 1st ACM Workshop on Role-based Access Control, pages 39–46 ACM Press, 1996 [11] Joseph A Goguen and Jos´e Meseguer Order-sorted algebra I: equational deduction for multiple inheritance, overloading, exceptions and partial operations Theoretical Computer Science, 105(2):217–273, November 1992 [12] Richard Hubert Convergent Architecture: Building Model Driven J2EE Systems with UML John Wiley & Sons, 2001 [13] ’ & 2001 [14] Torsten Lodderstedt, David Basin, and Jürgen Doser, SecureUML: A UMLBased Modeling Language for Model-Driven Security Institute for Computer Science, University of Freiburg, Germany [15] Richard Monson- ’ & Associates, 2001 [16] fi W Integrity in automated information systems Computer Security Center, September 1991 , and John M Boone Technical Report 79-91, National [17] Object Management Group Meta-Object Facility (MOF ), version 1.4, 2002 http://www.omg.org/technology/documents/formal/mof.htm [18] I Language Reference Manual Addison-Wesley, 1998 fi [19] M von der Beeck A comparison of statechart variants In Hans Langmaack, Willem Paul de Roever, and Jan Vytopil, editors, Formal Techniques in RealTime and Fault-Tolerant Systems, volume 863 of LNCS, pages 128–148 Springer Verlag, 1994 66 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com ... atomicactions i tài nguyên c th , nh ng c a th ng c p b SecureUML , h t ph n c a m 3.2 p p : cureUML UML metamodel type and stereotype SecureUML metamodel type Class «User» User Class «Group» Group... th c a ngôn ng c quy nh b ng cách s d ng m t c u hình UML p nh ng l i th xây d ng công c MDA b ng cách tách bi t cú pháp tr cú pháp c th c a UML, ta có th tích, c ti p s d ng c a ngơn ng mơ hình... The Enterprise Services Supervisor : [SecurityRole("Supervisor")] public void cancel(){ } 12 LUAN VAN CHAT LUONG download : add luanvanchat@agmail.com ộ SecureUML : RBAC Information flow 5: 13