A description logic approach to represent and extend RBAC model

Abstract

Nowadays, all access control models take a system-centric view of protecting resources, and they don't take the context into account when controlling the permission. With the development of collaborative systems, it causes people to shift the focus on security issues from the protection of individual objects and subjects in isolated computer systems, to the protection of dynamically authorization in collaborative system. In this paper, a new access control model, extending the role-based access control model, is introduced, which models from the collaboration and dynamically manages the permissions through the collaboration context. Then the formalization of new model and reasoning on it by means of description logic ALCQ is proposed. At the end of the paper, problems that need further study are pointed out