Role based Access Control Model
角色访问控制

Role based access control (RBAC) was proposed in 70's, and prevailed in 90's, and then Sandhu etc proposed formal RBAC model. Now RBAC is attracting increasing attention, and many governmental and commercial organizations have adopted it, its importance is more and more apparent. In this paper we illuminates the distinctions and similarities of role and user groups, and based the model that was proposed by Sandhu, we examine the relationship of role hierarchies and role constraints and formally describes that, and explain the most important part of role constraints ,which is separation of duties.