信息安全在智能电子交互式技术手册(Interactive Electronic Technical Manual,IETM)系统中是十分重要的，但是针对这个问题的研究还比较少。智能IETM的应用越来越广泛，因此在许多重要领域中，对智能IETM中的信息安全具有较高的要求。本文研究智能IETM中信息安全管理的两个关键技术，主要内容如下： （1）针对用户在权限内访问系统资源的问题，研究了访问控制技术。在IETM系统中运用了基于角色的访问控制模型(Role-Based Access Control, RBAC)。针对RBAC模型存在的局限，从授权方式、主客体粒度、权限继承三方面对其进行了改进。本文用形式化的语言描述了改进的RBAC模型，设计了访问控制流程，实现了智能IETM中RBAC模型的基本管理功能。通过非法访问实验，验证了改进后的RBAC模型在IETM系统中的有效性，确保系统资源受控、合法地被访问。 （2）针对数据库中数据易泄露的问题，研究了数据库加密技术。采用了二级密钥管理机制保护密钥安全，并且通过对密文追加字符串的存储方式确保密文的安全。设计并实现了便携式维修辅助设备(Portable Maintenance Assistant, PMA)上禁止数据库文件复制、拷贝的功能，进而保证数据库中数据的安全。测试了数据库加密模块的性能，测试结果表明主密钥更换对系统响应时间性能影响小，工作密钥更换对系统响应时间性能的影响是随着数据量的增加而增加的，密文数据库中插入和读取数据对性能影响较小，达到了设计指标。 （3）采用B/S模式、ASP.net框架开发了智能IETM系统，其主要有四个功能模块：浏览子系统、管理子系统、故障维修辅助系统、维修训练辅助系统。对智能IETM中的信息安全管理进行了测试，验证了各个模块功能的正确性。

Information security is very important in intelligent Interactive Electronic Technical Manual (IETM). But there are few researches on this problem. The intelligent IETM is used more and more widely. In many important fields, they have a high demand for information security in intelligent IETM. Two key technologies of information security management in intelligent IETM was studied in this thesis. The main contents are as follows: (1)Aiming at the problem that users should access the system resources within their permission, access control technology was researched. Role-Based Access Control (RBAC) model was used in the IETM. Aiming at the limitation of RBAC model, an improved RBAC model which improved from three aspects which are the way of authorization, the size of subjects and objects and the way of permissions inheritance was proposed. The improved RBAC model was formally described. The access control process was designed and the basic management functions of access control in IETM were implemented. The validity of the improved RBAC model in the IETM system was verified by an unauthorized access experiment to ensure that the system resources were accessed legally and under control. (2)Aiming at the problem that the data in database is easy to be leaked, the database encryption technology was studied. Two level key management mechanism was used to protect the security of the key, and the security of the ciphertext can be ensured by the way of adding the strings. The function of banning database file copying on Portable Maintenance Aids (PMA) was designed and implemented. The performance of the database encryption module was tested. The result showed that the replace of master key had little effect on the system performance. The effect of work key replacement on the system performance was increased with the data volume. Inserting and reading data in ciphertext database had little effect on system performance. Which achieved the design specifications. (3)The intelligent IETM system was developed by B/S mode and ASP.net framework. It mainly has four function modules: browsing subsystem, management subsystem, fault maintenance assistant system, maintenance training auxiliary system. The information security management in intelligent IETM was tested to verify the correctness of each function.