ISSN 1000-1239 CN 11-1777/TP

### Research and Implementation of an Extended Administrative Role-Based Access Control Model

Long Qin1, Liu Peng2, and Pan Aimin1

1. 1(Institute of Computer Science and Technology, Peking University, Beijing 10087 1) 2(School of Electronics Engineering and Computer Science, Peking University, Beijing 100871)
• Online:2005-05-15

Abstract: RBAC(role-based access control) is emphasized recently due to its simpleness, fl exibility, fine-grained control ability and strong usability, and has been prove n to be efficient to improve security administration with flexible authorization management. During the past decade, RBAC has been studied by many researchers a nd many extensions have been proposed to perfect it. Now, studies on the object part of RBAC model are relatively insufficient compared with those on the user-r ole part. A new administrative role-based access control model is proposed in th is paper, which extends the proposed NIST standard for RBAC effectively. The new model is more integrated and closer to most organizational structures by extend ing the abstracts about the objects and access type, and it can be administrated more conveniently combining with ARBAC 96 model. Based on this extended model, a secure network file system prototype is implemented.