At present, the majority of access control models mainly deal with data protection at the back end of applications. However, they are not applicable to large and complex multi-user applications. Though object technology has become one of the mainstream approaches to developing large and complex applications, it still lacks a general model of application-level access control. While the existing models of role-based access control can simplify privilege management, they neglect the dynamic features of activated roles. This paper proposes an object-oriented model in the Unified Modeling Language that supports application-level access control based on users' roles. In the model, an interface type is provided containing a set of operations as user services, which are authorized to users via their roles. To represent the activated roles, Role-Playing is introduced, and it is modeled as an active class. Every object of Role-Playing runs in a particular context, which restricts users' rights dynamically and controls users' interaction actively. The model is suitable for multi-user interactive computing and distributed information-processing systems.