
Three-Layers Role-Based Access Control Framework in Large Financial Web Systems

Authors :
Bo Zhou
Di Wu
Zhichao Wen
Source :
2009 International Conference on Computational Intelligence and Software Engineering.
Publication Year :
2009
Publisher :
IEEE, 2009.

Abstract

Financial systems hold a great deal of sensitive and confidential data, such as credit card numbers, stock numbers and fund numbers, so they always demand the highest level of security, and a good access control framework is essential. Traditional role-based access control (RBAC) frameworks provide an efficient model that restricts users' operations according to their roles, but they lack control over the granularity of data access and often slow the system down, so they can hardly meet the requirements of a large financial system. This article proposes and implements a Three-Layer Role-Based Access Control framework (TL-RBAC) that meets the requirements of a large financial system. TL-RBAC enforces access control in three layers: web pages, operations and data. Coarse-grained access control in the web page layer filters anonymous attacks such as web scanning and DoS attacks. Fine-grained access control in the operation and data layers guarantees that a user cannot perform operations or access data outside his privilege. A performance test report of the system shows that TL-RBAC meets the performance requirements in terms of system throughput and time per operation.

To meet the security requirements of a financial system without degrading performance, this paper extends the traditional RBAC model and designs and implements TL-RBAC. The first layer is coarse-grained access control to web pages, implemented with SiteMinder, an access control product from CA. The second layer lives in the web application and enforces access control by associating users with their operations. The third layer is fine-grained access control implemented through database stored procedures. The coarse-grained layer filters out illegal operations and large-scale attacks, which speeds up the frequent access control checks, and the fine-grained layers bind each user to the data within his privilege. Under TL-RBAC a user therefore cannot perform any operation beyond his privilege, and the system still achieves good performance in terms of throughput and time per operation.
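The three layers described in the abstract, modelled as an added example in Python. This is not code from the paper or its SiteMinder/stored-procedure implementation: the roles, URL prefixes, operation names, tables and sample rows are all constructed here for illustration. The page layer and operation layer are plain lookup tables, and an in-memory SQLite query stands in for the stored procedure of the data layer, with the caller's user id bound into the query so that rows outside the user's scope are never returned.

```python
import sqlite3
from dataclasses import dataclass

# Illustrative model of the three TL-RBAC layers. The roles, URL prefixes,
# operations, tables and sample rows below are constructed for this example;
# none of it comes from the paper or its SiteMinder/stored-procedure build.

# Layer 1 (coarse, web pages): which URL prefixes a role may reach at all.
# In the paper this check sits in front of the application; here it is a dict.
PAGE_ACL = {
    "anonymous": ("/login",),
    "teller": ("/login", "/accounts/", "/transfers/"),
    "auditor": ("/login", "/accounts/", "/reports/"),
}

# Layer 2 (fine, operations): which operations the application will run for a role.
OP_ACL = {
    "teller": {"view_account", "transfer"},
    "auditor": {"view_account", "view_report"},
}


@dataclass(frozen=True)
class User:
    user_id: int
    role: str


class AccessDenied(Exception):
    """Raised by layers 1 and 2; the data layer never raises, it simply returns nothing."""


def check_page(user: User, path: str) -> None:
    """Layer 1: reject requests for pages the role cannot reach before any application code runs."""
    if not any(path.startswith(p) for p in PAGE_ACL.get(user.role, ())):
        raise AccessDenied(f"page {path} is not reachable for role {user.role}")


def check_operation(user: User, op: str) -> None:
    """Layer 2: reject operations that are not granted to the role."""
    if op not in OP_ACL.get(user.role, set()):
        raise AccessDenied(f"operation {op} is not granted to role {user.role}")


def authorize(user: User, path: str, op: str) -> str:
    """Layers 1 and 2 in order; returns 'ok', 'denied_page' or 'denied_operation'."""
    try:
        check_page(user, path)
    except AccessDenied:
        return "denied_page"
    try:
        check_operation(user, op)
    except AccessDenied:
        return "denied_operation"
    return "ok"


def build_sample_db() -> sqlite3.Connection:
    """Constructed sample data: two branches; user 10 is scoped to branch 1, user 20 to branch 2."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE accounts (account_no TEXT PRIMARY KEY, branch_id INTEGER, balance INTEGER);
        CREATE TABLE user_scope (user_id INTEGER, branch_id INTEGER);
        INSERT INTO accounts VALUES ('ACC-1001', 1, 500), ('ACC-2001', 2, 900);
        INSERT INTO user_scope VALUES (10, 1), (20, 2);
        """
    )
    return conn


def fetch_account(conn: sqlite3.Connection, user: User, account_no: str):
    """Layer 3 (fine, data): the query is bound to the caller's scope.

    This stands in for the paper's stored procedure: the user id is a parameter
    of the query itself, so a row outside the user's branch is never returned,
    whatever account number the caller asks for."""
    return conn.execute(
        """
        SELECT a.account_no, a.balance
        FROM accounts a
        JOIN user_scope s ON s.branch_id = a.branch_id
        WHERE s.user_id = ? AND a.account_no = ?
        """,
        (user.user_id, account_no),
    ).fetchone()


def request_account(conn: sqlite3.Connection, user: User, path: str, account_no: str):
    """Run one 'view account' request through all three layers.

    Returns (status, row): status is 'denied_page', 'denied_operation',
    'not_visible' (layers 1 and 2 passed, the data layer hid the row) or 'ok'."""
    status = authorize(user, path, "view_account")
    if status != "ok":
        return (status, None)
    row = fetch_account(conn, user, account_no)
    return ("ok", row) if row is not None else ("not_visible", None)


if __name__ == "__main__":
    db = build_sample_db()
    teller = User(user_id=10, role="teller")
    print(request_account(db, teller, "/accounts/view", "ACC-1001"))  # ('ok', ('ACC-1001', 500))
    print(request_account(db, teller, "/accounts/view", "ACC-2001"))  # ('not_visible', None)
    print(request_account(db, User(0, "anonymous"), "/accounts/view", "ACC-1001"))  # ('denied_page', None)
```

The 'not_visible' case is the point of the third layer: the teller is legitimately granted the view_account operation, so the operation layer alone would let him read any account by changing the account number in the request. Binding the user id into the query (or into the stored procedure's parameters) closes that gap without a separate authorization round trip. Two caveats a practitioner would add: the page layer cheaply drops unauthenticated requests before application code runs, which is what makes it useful against scanners, but a volumetric DoS still consumes the front end, so it is a filter rather than DoS protection on its own; and the data-layer binding only holds if the user id passed to the procedure comes from the authenticated session, never from a request parameter.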

Details

Database :
OpenAIRE
Journal :
2009 International Conference on Computational Intelligence and Software Engineering
Accession number :
edsair.doi...........946c324298aba5da7da2e6b3555848aa
Full Text :
https://doi.org/10.1109/cise.2009.5362682