Papers by Keyword: Access Control Policy

Abstract: System modeling of software generally does not include security modeling. System security strategy and security mechanisms are often developed as the system supplement and improvement measures, at the latter part of system development. The irregular processing method of security requirement brings great risks to the latter security maintenance and integrations between systems. The integration of RBAC security model and the usual UML models about a system was described and the integrated approach and process was given with an example in this paper.

Abstract: In PDM system, there exist many users, such as employees, partners, and customers. To protect resource from illegal access, it is very important to enforce access control policy in PDM system. RBAC is widely used as an access control model in PDM system. But, it is difficult for RBAC to support complex access control policy. This paper proposed a simple, flexible way to express and enforce access control policy. To keep the integrity of system security and make the system administer work easier, we propose auto revocation triggered by time and access control policy in our model. At the end of this paper introduces a system architecture and auto revocation algorithm. We also give some examples to show how this model works in PDM system.