Three Level Access Control Model Based on Role, Department and Task

Xu Heng,Zhao Song-zheng,Zhang Xiao-di,Gao Na
DOI: https://doi.org/10.1109/wicom.2008.2923
2008-01-01
Abstract:A three-level access control model based on role, department and task is proposed in this paper. Task is one of the basic concepts in project management research area and department is one of the basic concepts in organizational structure theory. After introducing the concepts of task and department, this model regards them as independent authorization factor with role of the traditional RBAC96. This model could effectively reduce the amount of roles that should be assigned to the users of same position with different business scope and the other users of same business scope with different position. The practice has shown that this model could simplify the authorization management and improve the flexibility of access control.
What problem does this paper attempt to address?