A new model of role-based access control

A new authorization management model, N-RBAC, is presented, based on the combination of role hierarchy control with the user transaction limit. The public authority of the role, the shadow authority based on role hierarchy control, and the user's private transaction restraint are defined. Compared with traditional RBAC or its revised model, N-RBAC is more flexible and efficient, and it resolves the contradiction between the generality of the role and the individuality of the user. It not only simplifies user authorization management in the information system, but also enables users with the same role to have different operating limitations on the same function module. The design principles and the implementation method of N-RBAC are discussed in detail. Application practice has shown that the proposed model is easy to operate and flexible to establish.