Title :
China official documents run system and its access control mechanism
Author :
Lu, Yihong ; Song, Hantao ; Gong, Yuanming ; Liang, Yunrong
Author_Institution :
Dept. of Comput. Sci. & Eng., Beijing Inst. of Technol., China
Abstract :
Recent years, papers on role-based access control (RBAC) have increasingly emerged, but not many of them deal with real large-scale applications. In this paper, through an example system, the China Official Documents Run System (CODRS), the issues on access control tactics in large-scale organizations are discussed. Also, the paper demonstrates that it is effective to apply role hierarchy tactics in large-scale applications. The basic access control policy and management methods in CODRS are introduced and an improved role hierarchy model based on the RBAC96 model is presented. Especially, a changeable role inheriting mechanism and some other key concepts and methods used in CODRS are discussed, and a comparison between the new model and RBAC96 model is given. Meanwhile, we conclude that because of the complexity of permission requirements in large applications, using the RBAC policy only is not enough, and it is also necessary to adopt traditional access control mechanisms in practices.
Keywords :
authorisation; information retrieval; inheritance; very large databases; CODRS; China Official Documents Run System; RBAC96; document state access control system; inheritances; large database system; large-scale applications; role-based access control; user permissions; Access control; Application software; Computer science; Concrete; Database systems; Large-scale systems; Local area networks; Paper technology; Permission; Testing;
Conference_Titel :
Computer Supported Cooperative Work in Design, 2002. The 7th International Conference on
Print_ISBN :
85-285-0050-0
DOI :
10.1109/CSCWD.2002.1047736
