Abstract:

By means of roles, the access control model of role-based access control links an user with his permissions, which greatly reduces the complexity and  cost of authorization management.This paper presents a RBAC framework which can be used for the domain of J2EE. The framework which uses the design patt erns of software and the method of aspect-oriented programming shows strong expansibility and maintainability.

Key words: （RBAC, design patterns, aspect-oriented programming）