Discretionary Access Control(DAC) and Mandatory Access Control(MAC) models both have some disadvantage, DAC would lead to access transfer and MAC is lack of access mechanism in same level. Compared with traditional DAC and MAC models, Role-Based Access Control (RBAC) Model can provide better flexibility and scalability. However, current RBAC models still have some problems in theoretical and application aspects. The paper focuses on the subject of the models, presented multi-object solution project in detail.The paper describes the hierarchical relations among objects by using many rules and definitions, which are merged into RBAC model to form the new model named Multi-level Object RBAC (MLORBAC). In addition, the Multi-Level Object RBAC Object-Oriented Framework has been built using the practical access control designs and experiences.The MLORBAC model is mainly used in the multi-objects systems,such as the civil aviation operation system. That model has been applied to the civil aviation operation system to satisfy its access policy, which can adapt to the dynamic change of application environment. The experiments show that the strategy works well. |