| With the development of Internet application, the demands for security of network keep increasing. The access control is one of the important techniques to avoid unauthorized access. It can effectively overcome the limitations of the traditional access control models, simplify the complexity, reduce the management cost of authorized access, and provide a safer access control strategy.For the lack of time concept in RBAC model, there is no consideration about the dynamic change, and no relationship between authorized constraints and time. These defects largely weaken the system security and the ability of model description. An access control model with temporal characteristic is a hot research field of the security model, whose theoretical basic is the representation of periodic time. T-RBAC supports periodic roles in enabling and disabling states by periodic event handler expressed by means of role triggers.To improve the management flexibility of access control model, the conditional cycle expression, conditional temporal concept, is introduced, based on which we put forward the Conditional Temporal Role Based Access Control (CT-RBAC) model. Meanwhile, in this paper, we introduce the concepts of group and time, which expand the RBAC model. On the basis of keeping system security and efficiency, the temporal constraint model can make the user authorization more clear and concise after the group concept introduced. Finally, to explain how to realize this Expanded Model of RBAC, we implement the given model in Network Teaching Platform Management System. The result shows that the temporal theory research is feasible. |
PDF Full Text Request