The user-role and role-permission mappings are two of the most important process of the access control. Most of the present access control model lack of considering the time constraints. This paper presents a novel access control model with fine-grained time-constrains expressed by OCL (Object Constraints Language). First, we define several terms such as time points and time span which have flexible granularity. Second, four kinds of time constraints are proposed. At last, we illustrate some useful applications with the four time constraints using OCL. Through adding fine-grained time constraints on the entities and the mapping operations in the access control model, we can conclude that our access model can adapt to the real applications freely and efficiently.
展开▼