To address the problem of user interactivity in permission control, a form-based access control strategy is proposed on the basis of attribute access control. The strategy introduces a form entity and uses a form-and-attribute mapping table to achieve two-way permission control over the user interface and the data attributes. While retaining the security and flexibility of attribute access control, it further improves the user interactivity of permission control, and the improved permission management model is better suited to implementing permission control in engineering applications. Finally, the security of the strategy is analyzed with a Turing machine, which guarantees its security and reliability in theory. The prototype system is implemented with Object-Oriented (OO) and Aspect-Oriented Programming (AOP) ideas together with Java tags and Ajax technology, which makes permission control minimally invasive to and loosely coupled with the business system and strengthens the system's maintainability and reusability. The implementation also verifies the effectiveness and flexibility of the strategy.