Research On Role-Based Access Control In Information Grid

Access control is a very important aspect in security of information grid,which affects the operation of users in grid system.Role-Based Access Control(RBAC)is an usual mechanism in accessing control,which can not only enhance access control capability but also reduce the complexity of authorization management effectively.It has been a hotspot of access control,especially in information grid accessing control.The information grid is a distributed information system,which use grid technology to implement the sharing and management of information and provide of information service,and information grid can sharing informations by many organizations and individuals,and provide users in grid system of much richer information service.However,the character that information grid has multi-manage domain makes access control in information grid condition more difficult,and are difficult to meet the requirements of efficient access control.The access control work among manage domain in information grid refers to authorization,validation and private privilege,which is the research points of this dissertation.The domain credible mechanism,the authorization and validation mechanism when trusting the third point and the user-privilege relation mapping mechanism are recently used in resolve the problem of authorization and validation among manage domain,but they have the disadvantages of expensive managing, unagilitive and difficult to achieve.This dissertation present a way of authorizing privilege beforehand and validating twice basing on analyzing characters of information grid and RBAC summarizing the problems in multi-manage domain accessing control,which can give high and efficient service in access control. We also analyses two present resolvations that use private roles and deepness fist notes ,from which we then know they can result in role inflate and compages explosion. Then we present a new resolvation with privilege transmit deepness, design an ex-RBAC model to resolve private privilege based on RBAC model,which can reduce the quantity of roles,play down the complexity of management and make the privilege private among manage domain in information grid.The Work has improved on the capability of access control among manage domain in information grid, and can be used for reference by their practical application, especially in grid environment.