Task-based Access Control Model Research And Application

Task-based Access Control(TBAC) model is an active security model adopting task-centered and dynamic authorization,which can implement the minimum privilege and dynamic separation of duties principle according to the context of distributed task. Firstly,this paper analyzes the TBAC model,and considering the RBAC successful application on enterprise information system static privilege management,and the task dependences characteristics of the workflow system,put forward an improved role and task-based access control(TR_WFAC) model,which can authorize the user minimum privilege when performing the current task,and revokes user privilege when task just has finished,according to the context of workflow tasks.The static and dynamic resources privilege management technique is also discussed which facilitates the workflow task initial privilege configuration.Finally,an initial prototype system of TR_WFAC model is realized,and its system database design and key algorithms are given.