| Access control is a very important aspect in security of information system. It has been a hotspot of access control, especially in large-scale distributed system. Role-Based Access Control (RBAC) is the center of the Enterprise application. RBAC can enhance access control capability, reduce the complexity of authorization, enhance management effectively and the security of information system.Multi-Constrains Role-Based Access Control Mechanism get the roles from the realy environment. The role include the subject roles, environment roles, object roles and temp-roles, thus offer more expressive power and control power.Its fits the dynamic employee and organization structure. The model extends the traditional RBAC by incorporating thin granular permissions control and enough Constrains in authorization.In this paper, RBAC and TRBAC are analyzed, and the multi- constrains is associated with role-based access control mechanism, thus permissions are managed according to the context such as the states of environment and requirements of current task. Thin granular permissions control and time constraints are introduced to allow finer granular permissions control and dynamic authorization, thus some problems of complex constrains such as separation of duty can be solved effectively, and this provide a good base for secure active access control.The work has improved RBAC on the capability of dynamic access control. Its make a reasonable consequence, in order to make the roles and permissions in the applications can fit the true world.Its can be used for reference by their practical application in Role-Based Access Control, especially in dynamic environment. |
PDF Full Text Request