Computer Science ›› 2017, Vol. 44 ›› Issue (8): 140-145.doi: 10.11896/j.issn.1002-137X.2017.08.025

Previous Articles     Next Articles

Dynamic Business-oriented Access Control Model

TAN Ren, YIN Xiao-chuan, LI Xiao-hui and BIAN Yang-yang   

  • Online:2018-11-13 Published:2018-11-13

Abstract: Aiming at the problems of rough-grained access control and unable to adjust authorization dynamically in business process of traditional role-based access control (RBAC) model,a business-oriented dynamic RBAC model (BO-RBAC) was proposed in this paper.Taking TBAC model as reference,business step and authorization step are introduced into this model and basic model set is defined formally.Meanwhile,the authorization process is divided into two parts,role authorization and step authorization,and the execution is regarded as random process which shows a Markov chain-based dynamic authorization method.Finally,the model is implemented with C++14 programming language.BO-RBAC model combines the features of RBAC and TBAC,which introduces such advantages of fine-grained access control,dynamically-adjusting authorization and satisfy security specifications.

Key words: RBAC,TBAC,Dynamic authorization,Access control,Markov state machine

[1] YUAN J B,WEI L L,ZENG Q H.Delegation based cross-domain access control model under cloud computing for mobile terminal[J].Journal of Software,2013,4(3):564-574.(in Chinese) 袁家斌,魏利利,曾青华.面向移动终端的云计算跨域访问委托模型[J].软件学报,2013,24(3):564-574.
[2] ZHAO M B,YAO Z Q.Access control model based on RBAC in cloud computing[J].Journal of Computer Applications,2013,32(A2):267-270.(in Chinese) 赵明斌,姚志强.基于RBAC的云计算访问控制模型[J].计算机应用,2013,32(A2):267-270.
[3] ISO.IEC14882:2014 Information technology--Programming languages--C++ [S].Geneva,Switzerland:International Organization for Standardization,2014.
[4] SANDHU R S,COYNE E J,FEINSTEIN H L,et al.Role-based access control:A multi-dimensional view[C]∥Computer Security Applications Conference.IEEE,1994:54-62.
[5] SANDHU R S,COYNE E J,FEINSTEIN H L,et al.Role-based access control models[J].IEEE Computer,1996,29(2):38-47.
[6] XIONG H R,CHEN X Y,ZHANG B,et al.Security Principles for RBAC-based Authorization Management[J].Computer Science,2015,42(3):117-123.(in Chinese) 熊厚仁,陈性元,张斌,等.基于RBAC的授权管理安全准则分析与研究[J].计算机科学,2015,42(3):117-123.
[7] WU L Y,LIU S Y ,FAN L J,et al.Research on ImprovedRBAC Model Oriented to Web Cluster Application[J].Compu-ter and Network,2015(12):53-56.(in Chinese) 吴丽颖,刘淑瑜,范霖君,等.面向Web集群应用的改进RBAC模型研究[J].计算机与网络,2015(12):53-56.
[8] ZHOU X G,LIU J W,LIU W R,et al.Anonymous Role-Based Access Control on E-Health Records[C]∥Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security.ACM,2016:559-570.
[9] CAU T,NIE Q B,OUYANG K,et al.Role-extended-basedRBAC model[J].Application Research of Computers,2016,33(3):882-885.(in Chinese) 蔡婷,聂清彬,欧阳凯,等.基于角色扩展的RBAC模型[J].计算机应用研究,2016,33(3):882-885.
[10] DENG J B,HONG F.Task-Based Access Control Model[J].Journal of Software,2003,14(1):76-82.(in Chinese) 邓集波,洪帆.基于任务的访问控制模型[J].软件学报,2003,14(1):76-82.
[11] LAPIN S.Access control model D-TBAC subject to the requirements to tasks’ performing[C]∥Proceedings of the 8th International Conference on Security of Information and Networks.ACM,2015:42-45.
[12] SHI J F,LI J H,XUE Z.Research of Authorization ModelBased TBAC[J].Communications Technology,2002(11):95-97.(in Chinese) 施教芳,李建华,薛质.一种扩展的TBAC访问控制模型研究[J].通信技术,2002(11):95-97.
[13] ZHANG Q P.Research on Tasks and Role Based Access Control Model[J].Computer Security,2008(9):74-75.(in Chinese) 张庆萍.基于任务和角色的访问控制模型研究[J].计算机安全,2008(9):74-75.
[14] SCHMIDT P J,PINTAR K D,FAZIL A M,et al.Harnessingthe Theoretical Foundations of the Exponential and Beta-Poisson Dose-Response Models to Quantify Parameter Uncertainty Using Markov Chain Monte Carlo[J].Risk Analysis,2013,33(9):1677-1693.
[15] WANG H,YAJIMA A,LIANG R Y,et al.Bayesian Modeling of External Corrosion in Underground Pipelines Based on the Integration of Markov Chain Monte Carlo Techniques and Clustered Inspection Data[J].Computer-Aided Civil and Infrastructure Engineering,2015,30(4):300-316.
[16] ISO.IEC14882:2011 Information technology--Programming languages--C++ [S].Geneva,Switzerland:International Organization for Standardization,2011.

No related articles found!
Full text



No Suggested Reading articles found!