Computer Science ›› 2012, Vol. 39 ›› Issue (11): 13-18.

• Survey •

Analysis of a Series of Problems in the Research History of the RBAC Model

LIU Qiang (刘强), WANG Lei (王磊), HE Lin (何琳)

  1. (Key Laboratory of CIMS, Guangdong University of Technology, Guangzhou 510006)
  • Publication date: 2018-11-16 Release date: 2018-11-16

Research on a Series of Problems in RBAC Model

  • Online:2018-11-16 Published:2018-11-16

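Abstract: Research on the RBAC model has long been concentrated in information science, while its deep background in management science and logic has received little attention. Building on a survey of the history of RBAC research, this paper identifies a series of logical and management problems in the RBAC model: the "pseudo three-valued logic" of authorization states, the source of administrative authority, the synchronization of administrators' rights and responsibilities, the meaning of permission leakage, and the mode of authorization decision support. It then analyzes the model at the pragmatic, syntactic and semantic levels and establishes that the RBAC model rests on two-valued logic; sets out in detail the logical relationships among the management problems and analyzes the background and content of each; clarifies the source of administrative authority and the specific meaning of permission leakage; and proposes an approach to synchronizing rights and responsibilities, "effectively distinguishing decentralization from authorization and introducing audits of permission use", together with an authorization decision support mode, "using problem solving in place of security policies and explicit constraint semantics". The study aims to clarify some core concepts and theoretical foundations of the RBAC model and to expose and resolve some key problems, providing theoretical support for improving the model's security and applicability and reducing its complexity.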

Keywords: role-based access control, authorization, security, authorization decision support

Abstract: As the basic model in the RBAC field, RBAC is characterized by distributed management and self-management. Most research on RBAC to date has been carried out within information science, and its management and logic background has been ignored. This paper uncovers a series of management and logic problems that have arisen in the course of RBAC research, including the false ternary logic basis of the authorized state, the lack of synchronization between administrators' rights and responsibilities, the ill-defined meaning of right leakage, the unclear source of authority, and the failure of decision-making during the authorizing process. It then analyzes the false ternary logic problem in detail from a logic view using a three-layer framework; describes the background, content and deriving relationships of the other management problems from a management view; explains the meaning of right leakage and the original source of authority; puts forward a mechanism for synchronizing right and responsibility and the corresponding audit system; and designs a decision support mode for administrators when authorizing. This research can provide theoretical support for the development and updating of the RBAC model.

Key words: RBAC, Authority assigning, Safety, Authority assigning decision support
