Designing a Complete Model of Role-based Access Control System for Distributed Networks

In distributed computing environments, users like to share resources and communicate with each other in order to perform their jobs more efficiently. It is important to keep resources and information from unexpected use by unauthorized users. Therefore, in the past few years there has been a strong demand for access control of distributed shared resources. Role-Based Access Control (RBAC) has been introduced and has offered a powerful means of specifying access control decisions. In this paper, we propose an object-oriented RBAC model for distributed systems (ORBAC) to efficiently represent the real world. Moreover, under the decentralized management architecture, an ORBAC implementation of the model has been extended to realize multiple domain access control. Finally, an automatic intelligent role assignment backtracking algorithm is presented. The computation complexity of the algorithm is O (N) where N is the number of roles in the authorized role set of a user.