Content-based Management of Document Access Control

Three different security models have been advocated to determine the access rights to documents in a network of computers; DAC, MLS, and RBAC. Each of these models has its strength and weakness. No one can urge that any of these models can offer alone by itself an automated support for either the security or the access rights. In this paper, we propose a content-based management model for the access control to documents in a large enterprise. The model determines the access rights to documents based on their content and automatically classifies the access levels or detects possible incorrect settings. The content-based document access control can be used in advanced business applications to allow developers to provide a high level integration of security models within business applications.