Papers by Author: Yun Qing Fu

Abstract: Based on previous works, this paper proposed an extended access control model for PDM system. In this model, complex access control policies are expressed and enforced to ensure the security of user role assignment, delegation and revocation of PDM system. To reduce system administrator’s work, the model provides an auto revocation mechanism which can be triggered by time, access control policies and user states. This paper also propose an implementation system architecture, an auto revocation algorithm and some examples to show how this complex policy supported access control model works in PDM system.

Abstract: In PDM system, there exist many users, such as employees, partners, and customers. To protect resource from illegal access, it is very important to enforce access control policy in PDM system. RBAC is widely used as an access control model in PDM system. But, it is difficult for RBAC to support complex access control policy. This paper proposed a simple, flexible way to express and enforce access control policy. To keep the integrity of system security and make the system administer work easier, we propose auto revocation triggered by time and access control policy in our model. At the end of this paper introduces a system architecture and auto revocation algorithm. We also give some examples to show how this model works in PDM system.