Abstract:The access control policy is one of the important factors for the information security of e-govemment systems. RBAC is a more widely-used access control policy, but the policy itself cannot ensure the principle of mutual exclusion of roles for the lack of expressions of workflow. To overcome this, we improve the method of process decompostition in workflow models, add RBAC to the relationship between atomic tasks in order to constitute a systematic access control policy, that is, the process-based access control policy. This policy can ensure the principle of mutual exclusion, and the principle of task decomposition conforms to the characteristics of China's e-government systems.

An Access Control Policy Suitable for the E-Government in China