The RBAC model and implementation architecture in multi-domain environment

摘要

Nowadays in the IT convergence environment, the Service Oriented Architecture has its unique significance. The RBAC model has a variety of advantages in protecting the security of services. When the network is extended to a certain scale, it must be divided into multi domains for convenient management. However, the study to the RBAC model can be applied in multi-domain environment is still lacked. Corresponding feasible implementation architectures for the individual and composite services are also in weak. In this paper, we proposed a domain model and a domain based RBAC model can better adapt to the multi-domain security requirements. Then based on the model we designed feasible and efficient access control architectures respectively focusing on the individual services and different type of composite services. The evaluation cases showed the proposed model and implementation architectures achieved desired effects and the performances are in promising.