| The open network environment demands much higher requirements of authorization management on its dynamic, efficiency and time. It also needs the authorization management to achieve continuous real-time control to enhance the security. The traditional static model of the authorization management obviously cannot meet those requirements.Since the user's permission can be changed dynamically at any time due to kinds of factors effect, it is of great theoretical significance and application value to study a dynamically authorize access control model.Based on the further study on UCON and combined with the widely-used RBAC model, this paper introduces the role conception into UCON as the special attribute of the subject, and gives out the usage control model with the role attribute. The detailed description and analysis about this model is also given out in this paper. By the implementation of the new authorization management framework, the following referred topics have been studied:(1) The usage control model with the role attributes.To efficiently solve the problem on the dynamic authorization management, a new usage control model has been used. Due to the abstraction of UCON model, and with the help of the widely-used and relatively mature RBAC model, the role conception is introduced as the special attribute of the subject in UCON model, which makes the model much more practical. And the detailed description and analysis are also given out.(2) The authorization management framework based on the improved usage control modelAs for the application of the model, a new authorization management framework with the dynamic authorization support is established. And the certificate that applies to the framework is also implemented. The authorization management rule is analyzed and by making use of the concept of monitoring mechanism in the workflow management system, the authorization process is efficiently managed, which proves the run-time security of this model. |
PDF Full Text Request