Nowadays the enterprise informatization is more and more important in the development of an enterprise. With the development of enterprises' informatization construction, more attention than ever before is paid to the security of information management RBAC, as a substitute of traditional access control mechanism Discretionary Access Control (DAC) and Mandatory Access Control (MAC), the concept can meet the application of enterprise-level's access control management which have more users and different role systems. RBAC can protect the enterprise information from danger.