Design And Implementation Of ATRGBAC Model With Self Adaptation Between Dynamic And Static Access Control

With the accelerated pace of informalization in China, we have been making use of information systems on administration and management in more and more places. The use of information systems brings people lots of security problems while bringing people great convenience. Access control is an important means of achieving security and safety for information systems. Access control model can provide feasible security strategies for sharing and allocating information resources in multi-user systems. Traditional access control models, including MAC model and DAC model, have no longer been able to meet the security need of contemporary systems. Although RBAC model has been used extensively because of providing a flexible and neutral kind of access control mechanism for systems, it can't realize temporary authorization control for its static style of authorization and can't guarantee the movement of business process in the desired direction. TBAC model is a voluntary kind of access control model providing dynamic authorization. It can realize the distribution of permissions according to the need by the way of updating authorization information flexibly according to the movement of information in systems and the situation of the tasks. But it can't support some valuable static access control elements like role. Although T&RBAC unites the advantages of RBAC model and TBAC model, it still belongs to dynamic access control model essentially. Confronted with the complicated situation that static access control requirements and dynamic access control requirements and the requirements of mutual switch between static and dynamic access control coexist in contemporary information systems, we think that a more flexible and more comprehensive access control model is urgently needed to be researched.A kind of access control model named ATRGBAC is created, which is based on the character of intelligence and has the feature of self adaptation between dynamic and static access control. Having integrated RBAC and TBAC and supporting group and self adaptation between dynamic and static access control, this new model can provide comprehensive and flexible and reliable access control techniques for complicated and variable information systems nowadays. The greatest feature of this model is that it not only can realize dynamic access control and static access control respectively, it also can achieve the access control that supports the coexistence of dynamic and static access control and mutual switch adaptively between dynamic and static access control. The function of self adaptation between dynamic and static access control the model holds...