A Role-Based Access Control Model that Supports Authorization with The Combination of Static and Dynamic

Abstract. The traditional Role-Based Access Control(RBAC) model is widely used in enterprises, but it's control granularity is too single and it's permissions configuration is too complex. This paper introduces the concepts of coarse-granularity and fine-granularity, and puts forward a RBAC model that supports authorization with the combination of static and dynamic. In this paper, we first show the overall structure of the model, then divide the model into two parts of permissions configuration and permissions control to describe. In each part, we introduce the related basic elements and design the algorithms. Finally, this paper shows the application based on this model. And tests shows that the model is a good solution to these problems and has good feasibility and effectiveness.