Application Research Of Role Based Access Control For Computer Supported Cooperative Work In Design

Role based access control model has been developed as a kind of important access control technology extensively on the base of discretionary access control and mandatory access control for a decade. The feature of role based access control is that users are assigned to roles, permissions are assigned to roles, and users are acquired permissions by being members of roles. Thereby it realizes the logical separation of users and privileges. For the advantages of role based access control, more and more scholars contribute to this field, which makes it a hotspot in access control domain.Today, computer supported cooperative work in design obtained the vigorous development, presented the cross region, large-scale, complication and many other characteristics. However, the traditional role based access control was bring forward under the background of centralize, so it doesn't adequate in large-scale cooperative design system. The management of the system plays a very important role in the cooperative environment. It would increase the management load of the system if all the authorization were completely depend on the system manager. So a sort of telescopic management delegation model is needed in cooperative design system. At the same time the access control lists are of many disadvantages such as lower description and flexibility, not easy transmission in large scale network. So it can't fit for the requirement of access control in cooperative system. There are so many studies and improvements in this area, especially in how to effectively build the role based access control model for the characters of cooperative system. This paper discuss the research work from above aspects , and the innovations are as follows:Firstly, the concept of domain is introduced, which is the attribute of subject and object while the resource access is from the same or the different area. Then the roles selections are much more flexible.Secondly, this paper present a task and reliance based constrained delegation model ,which helps the users to delegate their tasks conditionally. Then a kind of telescopic decentralized management delegation model is shaped. As a result, the burden of the delegation management is greatly reduced in cooperative design system.Thirdly, using XML documents to take the traditional access control lists, enables the system to have the good flexibility and the feasibility. XML Schematron can validate the access control strategy and realize the control constraint management.Finally, the improved model is applied to the project of innovation based cooperative design system. The programming environment is VC++.NET 2003 in HOOPS/ACIS. The analysis of instances shows that the results are quite satisfying which is based on the mobile-telephone appearance modeling.