| Since Role-Based Access Control (RBAC) shows great advantage in meeting the security need in large-scale and enterprise-wide system, RBAC becomes the hot topic in access control research field. Researchers have proposed several RBAC models,which include the famous RBAC96 model. However, these frameworks are sometimes hard for system developers to understand because the models'definitions are too abstract or focus on application-oriented solutions. In this paper, a new model (DRBAC model:Dynamic Role-Based Access Control) is discussed, which is the improved model to RBAC3 model in RBAC96 model family. Compared with RBAC3 model, DRBAC model is more concrete and easier to understand. Firstly, the technology of access control is introduced in this thesis including MAC(Mandatory Access control),DAC(Discretionary Access control) and RBAC(Role-based access control).Secondly, DRBAC model is put forward, which includes base set, consistency rule and the definition of behavior. Based the RBAC3 model, a new relation and set are involved in the DRBAC model. The DRBAC model is partly implemented in network monitoring system which is supported by National 863 Project.It is shown that the applicability , the flexility and broad application outlook of the DRBAC model through the system. |
PDF Full Text Request