Abstract:As a hot service mode, SaaS has some problems such as coarse data granularity and insufficient configuration flexibility in the permission control of its service framework. Therefore, a fine-grained data permission control model (FDPC) was proposed based on the theory of the role based access control (RBAC)model and the characteristics of SaaS. Firstly, data objects and enterprise organizational structure were mapped by the model into data permissions of different granularities. Secondly, the method of combining the objects in the functional permission set and the data permission set in pairs to form a combined permission object was adopted according to the business requirements of enterprise authorization. Different roles were assigned to achieve the purpose of flexible authorization and fine-grained data control. Finally, Spring Security and MyBatis frameworks were selected. According to the AOP slicing principle, the FDPC model was implemented by structured query statement splicing and the authority control framework was constructed. Through the application in the actual business system, results show that the framework is reasonable and feasible, and the flexibility of authority control is effectively improved.