Author:
Zhao Bin,Zheng Guiyue,Gao Yilong,Zhao Yanchen
Abstract
To address the problem that the traditional access-control model is no longer suitable for access control and authorization in the super business system—which has the characteristics of many businesses and complex permissions—a business entity-based access-control model (BE-BAC) is proposed in this paper. The BE-BAC model realizes the relationship between users, business entities, and business permissions. Firstly, according to the characteristics of the super business system, the concept of business entity is put forward, introducing the composition and relationship of the business entity. Secondly, the business entity is introduced into the access-control model, formally describing the basic relationship, constraint, mapping, and authorization strategy of the BE-BAC model. Finally, the access-control workflow, based on the business entity, is designed, and the security analysis and comprehensive comparison of the model are carried out. Compared with the existing access-control model, the BE-BAC model has higher security and flexibility, and better protects resources, through more secure access-request decisions.
Funder
the Natural Science Foundation of Shandong Province of China
Subject
Electrical and Electronic Engineering,Computer Networks and Communications,Hardware and Architecture,Signal Processing,Control and Systems Engineering