Title :
A Role-Based Dynamic Authorization Model and Its Implementation in PMI
Author :
Xie, Hui ; Zhang, Bin ; Hu, Dianyou
Author_Institution :
Zheng Zhou Inf. Sci. & Technol., Inst. ZhengZhou, Zhengzhou
Abstract :
The efficient authorization is the precondition of implementing access control. Traditional access control technology which lacks dynamic authorization mechanism focuses on the beforehand authorization process. Based on usage control (UCON) which is new access control technology, this paper proposes a role-based dynamic authorization model. This model extends RBAC by introducing elements of UCON such as conditions, obligations and attributes of subjects and objects. A formalized description of the model is given and its application in PMI is also discussed. The model can efficiently solve the problems caused by dynamic authorization.
Keywords :
authorisation; access control technology; discretionary access control; mandatory access control; privilege management infrastructure; role-based access control; role-based dynamic authorization model; usage control; Access control; Authorization; Computer science; Decision making; Information science; Information security; Large-scale systems; Software engineering; Technology management; Time factors; PMI; RBAC; access control; dynamic authorization; usage control;
Conference_Titel :
Computer Science and Software Engineering, 2008 International Conference on
Conference_Location :
Wuhan, Hubei
Print_ISBN :
978-0-7695-3336-0
DOI :
10.1109/CSSE.2008.1287
