Abstract: Role-Based Access Control(RBAC) has been widely applied to secure the operating system(OS) due to its flexibility and fine-granularity control. A novel access control model supporting dynamic role transition DRT-RBAC, is proposed on the foundation of authentication trustworthiness measurement system. In the model, through quantifying the uncertainty of authentication and constraining the bound of role transition, the process of role transition can be com- pletely transparent to the user, thus guaranteeing the safety and stability of OS. I'o measure the diversity of roles, we further introduce the Analytic Hierarchy Process(AHP) method. I3y analyzing the internal relation and structuring the hierarchical fabric,we calculate the weight for each layer. The diversity of two roles is finally obtained via comparing their weights. We implement the DRT-RBAC in CentOS 5. 4 and verify its effectiveness.

Key words: RBAC, Authentication trustworthiness measurement, Dynamic role change