Integrating TBAC and RBAC for Dynamic Access Control

• Main Authors: Jin-Jiey Lee, 李俊傑
• Other Authors: Cheng-Chih Hsu
• Format: Others
• Language: zh-TW
• Published: 2002
• Online Access: http://ndltd.ncl.edu.tw/handle/70003021480173704999

碩士 === 南華大學 === 資訊管理學系碩士班 === 90 === Traditionally, the individual users are the main consideration in computer authorization-identification system. However, it needs to set a large amount of installation when the employees changed. Role-Based Access Control (RBAC), distributes the user''s authorization by the subject of roles, single or multiple, which builds the formation of whole access control structure. What the merit of this structure is to renew the user and the roles only when the members changed. Though the RBAC is a convenient managerial tool, it is lack of workflow-management, which is very important to an enterprise. On the other hand, Task-Based Authorization Control (TBAC), focus on the object of tasks, not only considers the conflicting between tasks, but also builds an authorization-step to manage every workflow. The study is based on RBAC and combined the TBAC which stressed workflow. It proposes a model of dynamic state access control to examine the probability of the model from the correlativity between tasks, and to break through the limitation of duty-conflict, task order, and task dependency during the executive period. The model not only resolves the problem of the roles lacked of workflow, but also deals with the flaw caused by the change of workflow during the executive period possibly. Because of concluding the need of static state and dynamic state access control, it is full of elasticity and practicability.