Task–role-based access control model

摘要

There are many information objects and users in a large company. It is an important issue how to control user's access in order that only authorized user can access information objects. Traditional access control models—discretionary access control, mandatory access control, and role-based access control—do not properly reflect the characteristics of enterprise environment. This paper proposes an improved access control model for enterprise environment. The characteristics of access control in an enterprise environment are examined and a task–role-based access control (T–RBAC) model founded on concept of classification of tasks is introduced. Task is a fundamental unit of business work or business activity. T–RBAC deals with each task differently according to its class, and supports task level access control and supervision role hierarchy. T–RBAC is a suitable access control model for industrial companies.