• Article •

Multi-subject access control model based on controlled objects

LI Chang-cheng, LIU Cheng-ying, HONG Ming-song, CAI

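  1. Department of Precision Instruments and Mechanology, Tsinghua University, Beijing 100084; 2. School of Mechanical Engineering, Liaoning Technical University, Fuxin, Liaoning 123000
  • Publication date: 2005-03-15 Release date: 2005-03-25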

Object-based multi-subject access control model

LI Chang-cheng, LIU Cheng-ying, HONG Ming-song, CAI Wei

  1. Dep. of Precision Instruments & Mechanics, Tsinghua Univ., Beijing 100084, China; 2. Sch. of Mechanical Eng., Liaoning Technical Univ., Fuxin 123000, China
  • Online:2005-03-15 Published:2005-03-25

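Abstract: Building on the study and analysis of models such as role-based access control and group-based access control, and taking into account the characteristics of process information management, a multi-subject access control model based on controlled objects is proposed. The model can inherit access control policies through the inheritance relationships among controlled objects, and it extends the access control subject to multiple types, achieving fine-grained access control for individual users and object instances, with authorization operations that are simple, efficient and easy to express. The model takes the execution context into account when enforcing permissions, making it a dynamic access control model. Finally, an application example is given.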

Keywords: access control, process information management, controlled-object-based, dynamic security model

Abstract: Based on a study of the role-based access control (RBAC) model and the team-based access control (TMAC) model, combined with the characteristics of technological process information management, an object-based multi-subject access control model was proposed. In this model, the access control strategy of objects could be inherited through the object inheritance hierarchies, and the access subject was expanded to multiple types. The model implemented fine-grained security administration at the level of individual users and individual objects, and access permissions were assigned effectively and were easy to express. As an active security model, it considered the context of objects and users when activating permissions. Finally, an application example was introduced to prove the feasibility and advantages of this model.

Key words: access control, process information management, object-based, active security model
