Lin Yao,Xiangwei Kong,Zichuan Xu

DOI: https://doi.org/10.1109/NCM.2008.75

2008-01-01

Abstract:Although RBAC models have received broad support as a generalized approach to access control, the administration of roles in large organizations can become quite cumbersome. In this paper, we develop a new paradigm for access control and authorization management, called task-role based access control (TRBAC) with multi-constraint. The basic idea of this model different from traditional RBAC is that roles and permissions are not connected directly but are put together by tasks. It is a dynamic authorization model with fine-grained partition on users, roles, tasks and sessions. The unit of task becomes the permission granularity. It is more convenient for enterprise privilege management such as distributed application,C/S access control and workflow management. It can reduce the administrator's burden and avoid some potential safety hazards because of adopted dynamic authorization.

黄益民,杨子江,平玲娣,潘雪增

DOI: https://doi.org/10.3785/j.issn.1008-973x.2004.04.005

2004-01-01

Abstract:The traditional role-based access control (RBAC) model was extended in this work aimed at studying practical ways to implement access control, enforce security administration, and acquire available information from real world to construct an access control model and establish security policies. A three-layered architecture for role-based security administration was proposed. And a practical way was presented to implement role-based access control and role-based security administration ,so that cross-platform role-based access control is implemented automatically and systematically in the security administration system.

Xiyuan Chen,Miaoliang Zhu

DOI: https://doi.org/10.4028/www.scientific.net/kem.439-440.178

2010-01-01

Abstract:Semantic; Trust Management; RBAC; User-role Assignment Abstract. The application of RBAC in access management of the enterprise services and resources is very widely. With phenomenal growth of information interaction and cooperation between distributed systems, the number of users can be in the hundreds of thousands or millions. This renders manual user-to-role assignment a formidable task. In this paper, we propose a semantic and trust based framework to automatically assign users to roles based on a finite set of assignment rules defined by authorized people in the enterprise. These rules take into consideration the attributes users own and any constraints set forth by the enterprise including the assignment history and the credit of the requester. We choose OWL to specify the user attributes.

BAO Zhigang,HU Yanjun,GU Xinjian

DOI: https://doi.org/10.3969/j.issn.1000-3428.2006.01.059

2006-01-01

Abstract:Firstly making reference to role based access control(RBAC)model,this paper proposes the basic idea about access control.Then it introduces database design of two realizing methods about access control and two methods’ realization in program,it also presents visual effect.Finally it analyzes and compares one to another in detail from two aspects of applicability and reusability.

XIA Peng-wan,CHEN Rong-guo,SUN Jian

2007-01-01

Abstract:The traditional role based access control model (RBAC) can not avoid some security flaws, because the components and the constraints of the model are too simple. Based on the traditional RBAC, a enhanced RBAC model (ERBAC) was brought forward, which expanded the components and the constraints. Besides, this new model features the separated administrative permissions, complete constraints and better utility.

Q Li,JP Shi,SH Qing

DOI: https://doi.org/10.1109/icebe.2005.23

2005-01-01

Abstract:Role-based access control (RBAC) model has been widely deployed for Web security. In some large-enterprise-wide situations, however, this model is difficult to manage due to huge amount of users, roles and interrelationships. As a result, the applications of this model are greatly limited. To address this problem, we present in this paper a decentralized RBAC model (DRBAC) by proposing a new concept of groups and by introducing non-trivial modifications to the user-role assignment of the existing models

chen lin,yang fumin,hu guanrong

DOI: https://doi.org/10.3321/j.issn:1671-4512.2002.02.035

2002-01-01

Abstract:This thesis presents a multi hierarchy model RBMHAC for role based control based on the model of the role based access control (RBAC). The concept of "domain" is introduced in this model to simulate the hierarchy management system of the real world, realizing the multi hierarchy security management efficiently through the security management of the domain users. The RBMHAC model can provide a more complete access control stratagem and manage the roles more conveniently and efficiently.

Wang Zhenjiang,Liu Qiang

DOI: https://doi.org/10.3321/j.issn:1002-8331.2005.35.009

2005-01-01

Abstract:Authority Management is a most important aspect of Information Systems.A successful information system is always supported by a well-designed access control system.Role-based access control policy,which is the focus of access control study nowadays,is more flexible and less management burden.Based on Role-Based Access Control(RBAC) and Task-Role-based Access Control,this paper gives a flexible extended access contrl models,XRBAC,standing for Extended Role-Based Access Control,which extends the definition of role management and authority.

李斓,冯登国,徐震

DOI: https://doi.org/10.3321/j.issn:0372-2112.2004.10.012

2004-01-01

Tien Tzu Hsueh Pao/Acta Electronica Sinica

Abstract:Security policy of multilevel security DBMS is expressed by many models. One of them is access control model. Mandatory Access Control (MAC) model guarantees that information flow in multilevel databases is in accordance with security policy. Role-Based Access Control can simplify administration of privileges in multilevel databases. This paper proposes an integrated model of RBAC and MAC. Multilevel role and internal role are defined, and some modified operations in the model are presented. Administration of privileges under MAC policy is done by system automatically. The integrated model can simplify administration of privileges, and is appropriate for multilevel relation database system which has many users or complex security levels. Some implementing mechanisms of the model are provided.

LI Fan,ZHENG Wei-min

DOI: https://doi.org/10.3969/j.issn.1000-7024.2005.08.052

2005-01-01

Abstract:Access Control is an important technology in system security in which RBAC(Role-Based Access Control) is a well-known model.But RBAC is complicated in large application system.The problems existing in RBAC were analyzed and an organization and role based access control model ORBAC was proposed.The new model reduces the number of the role and the complexity of access con-trol management in application system by extending organization structure and its permissions to RBAC.

吴振兴,熊璋,方义

DOI: https://doi.org/10.3969/j.issn.1006-2475.2004.12.042

2004-01-01

Abstract:The different levels of RBAC model implementation and their characters are discussed.An implementation of RBAC model on the application level is also presented.This implementation makes use of the security character provided by the operating system to authenticate user in a high security way and introduces application server as agency between database and workstation.Based on active directory and DCOM,this implementation controlls database access reliably according to RBAC model and achieves high security.

LI Bo,HUANG Dong-jun

DOI: https://doi.org/10.3969/j.issn.1006-8937-B.2006.04.001

2006-01-01

Abstract:The paper analyzes and compares several primary ways to distribute privileges during the current design process of access system such as Discretionary Access Control(DAC), Mandatory Access Control (MAC) and Role-Based Access Control (RBAC), points out their respective characteristics and limitations of their applicability. By taking the new characteristics of modern enterprise management into consideration and combining with the existing access control model, the authors discuss the access control technology of the multi-users information system, present and realize the security control model based on role level, department level and user level in the application. Practical application makes clear that it enhances the security and maintainability of information system.

Ni Wancheng,Liu Lianchen,Liu Wei

DOI: https://doi.org/10.3321/j.issn:1002-8331.2006.21.037

2006-01-01

Abstract:Based on RBAC(Role-Based Access Control) theory,a role-page model based access control method for Web applications is given out to facilitate the Implementation of RBAC Model.Considering the characteristic of B/S application model,this method is to logically partition the business logic and the representation logic.Then the access control can be implemented by controlling the Web pages' availability to different roles.This method can be used to facilitate the construction of Web applications because it reduces the judge code of access control.And this method has already been validated in the CERS(China education Equipments and Resource Sharing) project.

吴江栋,李伟华,安喜锋

DOI: https://doi.org/10.3969/j.issn.1000-3428.2008.20.019

2008-01-01

Abstract:A method of finely granular access control based on RBAC is brought forward after the discussion of the access control model based on role.This paper proposes the idea about finely granular access control,decomposes the access privilege of sources to less granularity,and the privilege is assigned to role,then access control can be managed easily by defining the user of the role and the inherit of roles.The validity of method is proved by the successful system of finely granular access control based on RBAC.Design and implementation process of the method have referenced value to similar software's development.

ZHU Yi-qun,LI Jian-hua,ZHANG Quan-hai

DOI: https://doi.org/10.3321/j.issn:1006-2467.2007.05.026

2007-01-01

Abstract:This paper reviews the existing research work of the security technology and access control for web services, and then presents a dynamic hierarchical role-based access control model for web services. In this paper, by introducing the notion of authorization group and mechanism of hierarchical access control, the model dynamically manages privileges and protects the parameters themselves. The model improves the flexibility and independence and expansion of access control for web services, and dynamically manages privileges, and provides a more perfect security mechanism for web services, and also effectively enhances the security for web services applications.

LONG Jun,ZENG Xiao-sa,ZHANG Zu-ping

2010-01-01

Abstract:As the traditional role-based access control(RBAC) models have shortcomings when applied in lager-scale en-terprise applications,an improved RBAC model based on autonomy domain(AD -RBAC) is proposed.This model intro-duces‘autonomy domain’to describe the organization structure;divides groups into administrative group and common group,which enhances the expression capability of the group;adopts organization structure domain description model to construct group hierarchy and group types.All these contribute to the simple and intuitive realization of multi-level user authorization management.In the expert information service grid,AD -RBAC is used to achieve authorized service and da-ta access of grid nodes based on virtual domain,which proves the feasibility and effectiveness of this model.

王刚,宋执环

DOI: https://doi.org/10.3969/j.issn.1000-3428.2002.09.044

2002-01-01

Abstract:In this paper, the construction of role-based access control is discussed. Aiming at the complexity of the subjects, combined with the particularity of actions and objects in document management, considering the restriction of subject and the state of object, some improvement is made in the original RBAC and a new team-role-based document access control which is named TRBDAC model is presented. ;

Yan Chen,Chao Luo,Can Ying Huang,Shang Ping He

DOI: https://doi.org/10.4028/www.scientific.net/aef.6-7.273

2012-01-01

Advanced Engineering Forum

Abstract:As a key access control mode that multiple characters application system is presently used , RBAC(Role-Based Access Control) can solve the problem of dynamic multi-users and multiple characters excellently, but when facing complicated resource types and business processes, it must be expanding on that basis. The article has put forward and realized a permissions model which can solve complicated resource system and business processes—resource model.

ZHOU Shen-gang,ZHAO Song-zheng

DOI: https://doi.org/10.3969/j.issn.1001-3695.2005.06.073

2005-01-01

Abstract:The authority management in information systems is one of the necessary conditions to guarantee the data safety.Based on discussing the model of role-based access control and combining with the shared project of information system developing,a new RBAC-based authority control method in information system of B/S mode is presented so as to the problems in the method of access control based on user-function are solved.The new method has been applied in the course of the system developing, and the safe authority control is realized with good effect.

Cen Pengrui,Wu LingDa,Yang Chao,Yu Ronghuan

DOI: https://doi.org/10.1109/icsess.2016.7883179

2016-01-01

Abstract:Analized the task and general form of the software management; pointed out the shortages of the software repository on security. Also introduced the Role-Based Access Control model(RBAC model) which was introduced into the construction of software repository service by combining with the requirement of security management about software repository. A hierarchical access control model based on RBAC was proposed, and it database of the software repository based on RBAC was designed. The effective application of this model in the process of software management can ensure the convenience of software distribution; and meanwhile it can effectively improve the security of the software packages.