Securing role-based distributed collaboration system

The idea of role has been widely applied to solving the authority, responsibility, function and interaction, which are associated with member station in organizations. Access control is a key security issue in distributed collaboration systems. After analyzing corresponding security requirements and the present status of security in distributed collaboration system, this paper presents an extensive role-based access control (ERBAC) architecture based on differentiated domain management. In this architecture, security management is classified into inter-domain one and infra-domain one, whilst, it can integrate new security policies. Based on definition of role permission type, the paper introduces a function of permission type change to make ERBAC architecture flexible. In addition, the authors discuss the methods by which the security can be implemented in an agent-based framework. The practices signify that this system can be flexibly applied various existing policy languages and protocols.