We propose an exception resolution service for a role based access control (RBAC) system as a supplementary service, that will increase the flexibility of RBAC systems. Our model will keep the security policies based on a RBAC system while some not role based administrations are possible. In other words, the not role based access permission is not independent from the RBAC system. The related definitions and functions are given. An implementation example shows that the service is useful and efficient in practice.
展开▼