Affiliations:
Faculty of Information Technology, Beijing University of Technology, Beijing, China
Correspondence:
[*]
Corresponding author. Fangbo Cai, Faculty of Information Technology, Beijing University of Technology, Beijing university of technology, 100 pingleyuan, chaoyang district, Beijing, China. E-mail: caifangbo@emails.bjut.edu.cn.
Abstract: Access control is an important mechanism to protect sensitive information and relational system resources. The traditional access control model (TACM), such as DAC, MAC, RBAC, etc., is no longer suitable for open network due to the lack of dynamic permission management. The increasing network nodes make the information storage and resource access becoming distributed. The traditional access control model has the characteristics of low adaptive ability and single deployment and application mode due to the centralized management mode. Therefore, this access control environment inevitably puts access control pressure on access control authorization. In order to overcome the shortcomings of traditional access control model, a new access control model named DMPAC (Distributed management of permission for access control model) is proposed in the paper. The authorization mechanism of the model has a distributed and dynamic management access permission, and all nodes covered by the model have the opportunity to participate in the execution of access and control. The model DMPAC provides the benefits of traditional access control models in terms of secure access and dynamic management. We also describe the framework and execution process of the model and the application of DMPAC in access control. At last, we will present some experimental results to show that while maintaining the effectiveness of distributed access control through the management of access permissions, DMPAC can achieve the performance of traditional access control models.
Keywords: Network security, access control, distributed model
