Application of Role��Based Access Control ��in Management Information System
Li Jian1, Tang Wenzhong2, Song Changfu3*
1. School of Mechanical Engineering and Automation, Beijing University of Aeronautics and Astronautics;
2. Dept. of Computer Science and Engineering, Beijing University of Aeronautics and Astronautics;
3. China Talent Research & Development Center
Role based access control was being paid more and more attention as a security mechanism. Traditional access control policies, including discretionary access control (DAC) as well as mandatory access control (MAC), were first briefly introduced. An access control model based on RBAC2 was provided, which not only inherited the advantage of RBAC2, but also extended the ability of modifying individual permissions. An example application of the model is presented as a proof of its availability. The distributed management for permissions was discussed.