Access control is one of the powerful and generalized approaches for restricted resource access. The environmental state is introduced and the term "action" is defined based on roles, temporal states and environmental states. Actions can be used to capture security-relevant aspects of roles, environmental and temporal states in different information systems. Then, the action hierarchy, environmental hierarchy, temporal hierarchy and Action-based access control (ABAC) model are presented. ABAC is compared with the existing models and the result shows that the ABAC model can solve the problem of access control in information systems with mobile computation for its convenient and flexible designs. An application example of ABAC model is described at the end of the paper.

• 出版日期2008-7
• 单位西安电子科技大学