Abstract

In open system, the user nodes and resource nodes are variable, it is tiresome for the system administrator to assign roles for the users, and it is almost impossible to check their priorities to access different kind of resources in the system in which the traditional Role Based Access Control (RBAC) model is adapted. To simplify the access control and standardize security strategy in open system, a flexible RBAC model based on trust is proposed. Use the evaluation between the user node and resource node to calculate the direct trust of them, and employ the evaluation among the resource nodes to get the recommended trust of the resource nodes. Using two trust values, together with the session history of user nodes and resource nodes, the system assigns the roles as well as its corresponding priorities for the user node flexibly, and recommends proper resource nodes to process their assignments. AIMD (Additive-increase, multiplicative-decrease) algorithm is adopted in the trust evaluation of the system to punish the node with malicious behaviors. Also, the notion of accuracy is introduced into the system to make the evaluation between the user and resource reasonable and objective.