A Role and Context Based Access Control Model with UML

Author

Bao, Yubin ; Song, Jie ; Wang, Daling ; Shen, Derong ; Yu, Ge

Author_Institution

Coll. of Inf. Sci. & Eng., Northeastern Univ., Shenyang

fYear

2008

fDate

18-21 Nov. 2008

Firstpage

1175

Lastpage

1180

Abstract

As the wide uses of access control model in systems, a more agile access control model is required to solve complicated modeling, user authorizing and verifying problem. In this paper, an access control model based on the concepts of role, attribute and context, named C-RBAC, is proposed. This model is based on and further improved role-based access control (RBAC). The proposed model adds system conditions in access control, distinguishes users that belong to one role by user attributes, provides an agile and dynamic role model by adopting the concept of conditional role, and designs a more flexible access authorization mechanism to reinforce role model of RBAC. The implementation and the UML-modeling approaches of proposed model are also explained in this paper. Theoretical analysis and experiments prove that the new access control model is more effective by comparing with traditional RBAC model.

Keywords

Unified Modeling Language; authorisation; C-RBAC; UML; agile access control model; context based access control model; flexible access authorization mechanism; role based access control model; user authorizing problem; user verifying problem; Access control; Authorization; Context modeling; Information resources; Information science; Marketing and sales; Permission; Protection; Security; Unified modeling language; C-RBAC; Context; RBAC; UML;

fLanguage

English

Publisher

ieee

Conference_Titel

Young Computer Scientists, 2008. ICYCS 2008. The 9th International Conference for

Conference_Location

Hunan

Print_ISBN

978-0-7695-3398-8

Electronic_ISBN

978-0-7695-3398-8

Type

conf

DOI

10.1109/ICYCS.2008.528

Filename

4709140