Formal Description for an Object-Oriented Role-based Access Control Model

Chungen Xu, Sheng Gong


Role-based access control (RBAC) is a promising technology for managing and enforcing security in large-scale enterprise-wide systems, and we were motivated by the need to manage and enforce the strong access control technology of RBAC in large-scale Web environments. The majority of traditional access control models were passive data-protection models, which were not suitable for large and complex multi-user interactive applications. In this paper, we develop a general model to actively control users’ behaviors based on their roles, and propose a framework of well-defined formal descriptions for developers to build application-level access control based on users’ roles. It ensures that each role is configured with consistent privileges, each actor is authorized to proper roles, and each actor can then activate and play his authorized roles without conflicts of interest. These formal specifications are consistent and inferable, complete and simplified, abundant and scalable for diversified multi-user applications.


Computer and Information Science, ISSN 1913-8989 (Print), ISSN 1913-8997 (Online)

Copyright © Canadian Center of Science and Education
