The resource access authorization route problem in a collaborative manufacturing system

摘要

Most of collaborative manufacturing systems are based on or involved in distributed information systems. Access control model, as an important infrastructure facility of information system, is frequently employed to control the resource sharing and cooperation in a collaborative manufacturing system. However, Configuring and running an access control model in a collaborative manufacturing system is a more complex problem. The reason is that there are more resources to be accessed and more complex security policies and rules from different partners to be obeyed in such a system than these in an individual information system. Un-intuitional semantic of security policies directly result in administrators' confusion in judging the legitimacy of authorization actions. They don't even know which authorization actions should be performed and what performing order should be executed by. So, it is necessary to configure an authority action sequence, including an authority action set and the performing order, to help the administrators to perform the given authorization task without violating these multisource security policies and rules. In this paper, how to configure the authority action sequence is defined as an authorization route problem at first. Then, the problem is modeled as a classical planning problem and a GraphPlan algorithm is revised to solve it. Based on the modeled problem and the revised algorithm, a prototype system named PolicyProber is developed to provide an authority action sequence for administrators in a visual way. Several cases are used to demonstrate the effectiveness of the presented model, method and algorithm. The research achievements and its application in industry can help administrators make correct decisions, which can strength the safety of a collaborative manufacturing system indirectly.