Team and Task Based RBAC Access Control Model

摘要

In this paper, we introduce a new paradigm for access control and authorization management, called team and task based RBAC (TT-RBAC). TT-RBAC model extends the NIST RBAC model through adding sets of two basic data elements called teams and tasks. This model as a whole is fundamentally defined in terms of individual users being assigned to roles and teams, roles and tasks being assigned to teams, and permissions being assigned to roles and tasks. By virtue of team membership, users get access to team''s resources specified by assigned tasks. However, for each user, the exact privilege he/she obtains from a team is determined by his/her roles and the current activity of the team. So TT-RBAC model can provide more flexibility than the traditional RBAC model. Context-based TT-RBAC entity activation makes TT-RBAC belonging to an active security model.