Fine-Grained Access Control Model Based on RBAC

Abstract

Military information system has unusually tough restrictions on the rank, and attaches weight to the safety and secrecy of the information. This makes the higher demands on access control on information. So a new access control model based on RBAC is prompted against the limitation of the existing models of RBAC. This model is named as fine-grained access control model based on RBAC. This model not only assigns different roles to different users, but also adds an attribute of department ,so the role and the department are combined; It realizes fine-grained access control and refines to controls of pages, so this keeps access control more precise; Role tree is used to define roles and in order to prevent the problem brought up by role inheriting, it impose s restrictions on whether it can role inherit; At last, ACL store the especial instances’ alteration. When a control is accessed, it will examine the role and department and then judge whether it can role inherit and then judge by combing ACL. So this will attain access control objective. The fulfillment indicates that this model can meet the requirement of real application of military information management system.