A Multi-level Dynamic Access Control Model and Its Formalization

Abstract

It is a big challenge to establish a dynamic access control model to secure applications in open and dynamic environment. The dynamic feature of an access control system is sometimes related with that of applications of open environment. This paper analyzes first the reason that causes the dynamic change of access control systems and then proposes a five-level access control architecture which describes the relation between access control systems and applications, and also distinguishes two kinds of actions that may cause changes of the access control components and resources, respectively. This paper uses Role-based Access Control (RBAC) as a reference access control model and Web services as the example of applications so as to propose a special dynamic access control model. To give a formal representation of the two kind actions, this paper also proposes a dynamic description logic-based formalism.