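To address the inflexible permission representation and the lack of dynamic authorization in traditional permission management based on role-based access control (RBAC), role methods and role environment functions are introduced as improvements: a user's permissions are determined jointly by the role method and the role environment function. The role method represents user permission data as mapping rules and dynamically regenerates user permission data from those mapping rules, while the role environment function takes the current application environment into account and constrains the role's current permissions accordingly. The improved approach resolves these problems well and has been applied in actual projects.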
Two shortcomings of RBAC are pointed out: the description of privileges is not flexible, and authorization lacks dynamic characteristics. An improved method is proposed in which user privilege is determined by the role method and the role environmental function together. The role method converts user privilege data into mapping rules and regenerates user privilege data dynamically from those rules. The role environmental function considers the restrictions imposed by current environmental factors. The improved method solves the mentioned problems and is now applied in some projects.