A Hierarchy Controllable RBAC-Based User Access Control Model

摘要

Access control is a significant concept in the fields of information security. However, to date, it is still difficult to design an effective access control mechanism to support numerous users incorporating numerous different roles. In this paper, we present a hierarchy controllable user access control model based on traditional RBAC (HCRBAC). The permission lock technique which can effectively control the permission's conferral and retrieval is presented in detail. A treelike multi-hierarchy permission management mechanism for any users and any roles is implemented so that the user in any hierarchy can effectively control its subordinate users' permissions respectively. HCRBAC can alleviate the drawbacks of current access control mode and implement the management among different administrated domains in the decentralized management.