Task-role based access control model in logistics management system

Abstract

Access control model that decides whether a principal is allowed access to a resource plays a protective role in information system. This paper argues the merits and shorts of four typical models at first, and then presents an integrated access control model-TRBAC which introduces the concept of task into RBAC model. We set up the specific structure of TRBAC and give detail definitions of the constraints in roles and tasks. Based on the TRBAC model, further study is made according to the actual requirements of access control in LMS (Logistics Management System). We establish the architecture of access control model in LMS and introduce several main functional modules. After that this paper emphatically describes how to design and implement the three major controllers including role controller, task controller and permission controller in LMS based on PaaS(Platform as a Service), with the system interfaces visually. In practical, with the combination of task and role, the TRBAC model associates the user with permission indirectly, makes the static and dynamic double control come true and assigns the permission according to the actual needs. The TRBAC model has achieved good results in the implementation of the practical application. It turns out that the model is reasonable and stable which has a practical significance and necessity.