To meet users’ actual demands for fine-grained access control (FGAC) to data object in web-based parts resource sharing platform, a FGAC approach for parts resource sharing is proposed to enable both the providers and administrators to manage the permissions of parts resource jointly. In this approach, all levels of detail (LODs) are introduced in the part resource information firstly. Then, a role-based access control model for parts resource sharing, called RBAC_PRS, is provided on the basic of RBAC (Role-Based Access Control) and O-RBAC (Owners-Based Access Control) models, and the permission administration policy is also formulated in condition of the separation between ownership and usufruct of parts resource. To provide the better authorization route, two middle layers: function sets and component sets, are added in permission-role assignment process, and each role’s assignment rules are explicitly specified in an XSLT style sheet. Furthermore, an XML-XSLT based approach is adopted to accomplish the diversity expression of user-accessible view based on FGAC. And it could ensure to practice the web-based knowledge sharing system safely.
Self-Adaptive Role-Based Access Control for Business Processes
