An Administration Iteration Problem and its Solution when Deploying the RBAC Model

Abstract

Access control is an important infrastructure of an information system. Role-Based Access Control (RBAC) model is the main-stream access control model. When deploying a RBAC model, there is an administration iteration problem which needs the information engineers to define the administrator structure before running the RBAC model, which make the deploying process redundancy and complex, make the running process rigid, and result in decrease of control capability of RBAC model. We present a top-down method. In this method, we define the administration authority as the source of management authority and set up the right and liability mechanism of RBAC. By this method, the administrator structure will be defined and expanded by administrators according to application requirements, and the right and liability mechanism can make sure these administrators should perform their management authorities responsibly and legally. Our method can solve the administration iteration problem and improve the flexibility of RBAC model.