Abstract: Role-Based Access Control (RBAC) controls the user's access to resources by indirectly using roles,which simplifies the security management greatly. Although the research of RBAC model is a mature area, the lack of formalination of RBAC results in uncertainty and confusion about the concepts and meaning of RBAC. Description Logic (DL) is a kind of object based knowledge representation formalism, and also a decidable fragment of first order predicate logic, with well-defined semantics and powerful representation capability. To give a formal description of RBAC, this paper took RBAC96 as a reference model and proposed a new formalized method to RBAC with description logic, called DLRBAC,which gives formal definitions to the concepts and relations of RBAC. This paper also proved that the formal representation is faithful to RBAC model. Based on the formalized modcl,we can further study RBAC.

Key words: Access control, Role, Permission, Description logic, Role inheritance