Trust-degree and attributes based RBAC authorization model
一种基于可信度和属性的RBAC授权模型*

For the problems including the ambiguity of user role assignment, the unitary of user authorization certification decision-making, and the conflicts between role number and management etc in the traditional RBAC, the paper presented an improved RBAC model named TA-RBAC that combined attribute and trust-degree. The model made the authentication for the traditional model perfected by adding to the credibility authentication of user and their platforms, ensured that authorized process of the system was more reliable. Meanwhile, it extended authorization mechanism of traditional model using the concept of trust-degree and attributes. It implemented user dynamic role assignment through the corresponding user authentication credibility assigned. By introducing attribute into assign permissions, it realized object activation operation, effectively reduced the number of roles and implemented more fine-grained authorization. Finally, the paper gave the authorized process of the model and the application examples in digital home.