中文摘要：

角色访问控制的应用提高了系统易用性和健壮性．分析了RBAC模型，指出其在细粒度和表达能力等方面的一些缺陷，结合UML对其重构，提出支持偏序权限建模的细粒度面向对象RBAC模型，基于该模型结合部分GoF模式设计了通用应用框架．与其它应用框架相比有着良好的通用性，支持权限关系的同异步及偏序关系表达，并在细粒度动态访问控制上具有更好的灵活性和效率．

英文摘要：

The RBAC （Role Based Access Control） application improved system usability and robustness. This paper analysised the RBAC model, and pointed out some deficiencies in its fine - grained. Combined with UML modeling, RBAC model was refactored. It put forward to object oriented RBAC model （ OORBAC ） with ability to tiny fine-grained access and supporting permission poset. Based on OORBAC model and combined with some GoF patterns, a common framework was designed. It is superior in synchronous/asynchronous and poset permission relation＇s expression,and supports dynamic access control on fine granularity more flexibly and efficiently.