点击次数：

论文类型：期刊论文

发表时间：2014-05-01

发表刊物：APPLIED MATHEMATICS & INFORMATION SCIENCES

收录刊物：SCIE、Scopus

卷号：8

期号：3

页面范围：1467-1474

ISSN号：2325-0399

关键字：OB4LAC; Access Control; Authorization Management; Information Security

摘要：Following the emergency of multi-level, complex and distributed information systems, the traditional RBAC model becomes more and more weak and incompetent. Currently, the research of RBAC model mainly focused on building a suitable role hierarchy, although played a certain effect it still have many problems. Through the research aiming at organizations and their characters, we believe that the reasons that cause the present problems are due to the conflict in working patterns between the RBAC model and the physical world. Thus, we propose a new access control method-Organization Based Access Control Method and the specific model-OB4LAC model. This article analyzes the constituent members, formal specification, sub-models UPA, PORA, PERA and RRA of OB4LAC, and also gives the specific process in access operations and business collaboration among multi-organizations. Through the test in many complex E-government systems, OB4LAC model achieves good results.