The need for standard RBAC models roles to be applied to CMS

With the acceleration of

enterprises informatization development, especially the government, institutions, enterprises and other fields, because the more detailed division of labor, the daily department, the user access control management flexibility and maintainability put forward higher requirements, therefore, efficient and advanced access control mode is very necessary. As for access control methods in Web environment, role-based access control (RBAC) is an effective method to solve resource access control of large and medium-sized websites. The two notable features are:

1 reduces the complexity of authorization management and reduces overhead.

2, flexible support for site security policy, and changes in the functionality of the site is very flexible.

SiteFactory CMS is easy for the development of enterprise content management system is a set of oriented government, institutions, enterprises and other fields, it is used in standard model based on the RBAC (role) access control method. As shown below, comparison of traditional authority and easy SiteFactory CMS role:


can be seen from the comparison, the current domestic large and small content management system (CMS) and information management system, mostly using the more primitive form of static access control permissions or membership of the group, can not meet the current era of Internet information explosion high maintenance, high flexibility and high uniformity characteristics, especially is the information portal, and the shop complex in the field of information industry vertical applications, therefore, the role (RBAC model) in the application of CMS will be the trend of. So, what magic does it have? Today will introduce the content is combined with dynamic role permission assignment in the SiteFactory easy to answer for you.

The concept of



role is the identity of the user in an environment that has certain matching permissions. A role is also a collection of custom permissions, where you can create multiple roles and specify multiple permissions for each role. For example, teachers, students, and forum administrators on the school web site are part of the role. For each role, he can have a series of permissions, which are relatively fixed.

SiteFactory CMS PowerEasy role is through the standard RBAC (role-based access control) model, the role of SiteFactory CMS in application example diagram. We have set up "warehouse management", "financial personnel", "salesman", "designer", "column editor", "editor in chief" and other roles, and they all have relatively independent control authority. After giving Zhang San, Li Si and Wang Wu different roles, they had a series of powers. As you can see from the diagram, the relationship between user and role is many to many. That is, a user may >