Research on object-oriented role-based access control model

Abstract

We provide an object-oriented model for role-based access control (RBAC). In RBAC, permissions are associated with roles. Users are assigned members of roles, thereby obtaining the associated permissions. Administrators dominate the authorization of access permissions to make target resource available for users. We introduce the concept of object to provide an efficient access control mechanism for multidomains distributed system with centralized control and decentralized management of the policy controller. This model discusses static and dynamic role authorization, and further analysis of dynamic features of the model.