Access Control Model Based on Role and Attribute and Its Implementation

Combining the role-based access control (RBAC) model with the attribute-based access control (ABAC) model is a popular direction in current research on access control models. Many RABAC (RBAC + ABAC) models have been proposed to date. Building on the RBAC model, these models dynamically apply ABAC rules to user-role mapping, role-permission mapping and user-permission mapping, and so achieve the usability and flexibility of access control models to some extent. However, these models still have shortcomings in access control granularity and flexibility. This paper analyzes the defects of existing RABAC models and their causes, proposes a more fine-grained, flexible and efficient RABAC model, and implements an access control system based on this model. Through well-designed ABAC rules and their application modes, the system achieves the goals of the RABAC model proposed in this paper and makes it easier for the administrator to manage access control rules.
