摘要： 标准的基于角色访问控制(RBAC)通过角色对用户和权限进行解耦，从受控资源角度来讲是一维的。该文提出可视数据簇的概念，将授权时间维和可视数据簇维引入RBAC中，论述基于角色的三维空间访问控制模型ACBR3D。给出授权约束的可视数据簇维扩充以及ACBR3D的形式化描述。与已有的访问控制模型相比，该模型对受控资源的描述更加精确，访问控制粒度更小。

关键词: 基于角色的访问控制, 可视数据簇, 三维

Abstract: The normal Role-Based Access Control(RBAC) model configures the model resources through roles, and this model is one-dimensional according to the manipulated resources. This paper proposes a new conception——visual data muster, gives a three-dimensional access control model——ACBR3D, which is based on role, authorized time and visual data muster, and describes the ACBR3D model. The former constraints are extended so that it can describe the visual data muster character. Compared with other models, this model has many merits such as accuracy, flexibility and small granularity.

Key words: Role-Based Access Control(RBAC), visual data muster, three-dimensional

中图分类号: 

• TP309.2