Following the emergency of multi-level, complex and distributed information systems, the traditional RBAC model becomes more and more weak and incompetent. Currently, the research of RBAC model mainly focused on building a suitable role hierarchy, although played a certain effect it still have many problems. Through the research aiming at organizations and their characters, we believe that the reasons that cause the present problems are due to the conflict in working patterns between the RBAC model and the physical world. Thus, we propose a new access control method-Organization Based Access Control Method and the specific model- OB4LAC model. This article analyzes the constituent members, formal specification, sub-models UPA, PORA, PERA and RRA of OB4LAC, and also gives the specific process in access operations and business collaboration among multi-organizations. Through the test in many complex E-government systems, OB4LAC model achieves good results.
Digital Object Identifier (DOI)
Peng, You; Song, Yan; Ju, Hang; and Wang, YanZhang
"OB4LAC: An Organization-based Access Control Model for E-government System,"
Applied Mathematics & Information Sciences: Vol. 08:
3, Article 65.
Available at: https://digitalcommons.aaru.edu.jo/amis/vol08/iss3/65