Abstract

We introduce a generalization of Role-based Access Control that we call the Action-Status Access Control (ASAC) model. The ASAC model addresses certain shortcomings with RBAC models when applied in distributed computing contexts. The ASAC model is based on the notion of status, and a nonmonotonic theory of access control that is founded upon the notions of events, actions and times. The approach allows automatic changes to be made to policy requirements and agent authorizations that may be based, in part, on an agent's intentional behaviors.