Abstract: This paper analyzes the administrative model of RBAC and Usage Control(UCON)model, and points out the deficiency of UCON core model. Based on the results, authorization mechanism of separated rights grant and revoke is introduced into UCON model, and a role-based usage control model with time character is presented. The description of the model and its implementation administration are presented.

Key words: Usage Control(UCON), Role-based Access Control (RBAC), time character

摘要： 介绍和分析了基于角色的访问控制管理模型与使用控制模型，指出使用控制核心模型存在的不足。将权利的授予与撤消分离的授权机制引入使用控制模型，提出一种带时间特性的基于角色的使用控制模型，给出了模型的描述及模型管理的实现。

关键词: 使用控制, 基于角色的访问控制, 时间特性

CLC Number: 

• N945.12