COMPUTER SCIENCE
and ENGINEERING

Currently, resource sharing and system security are critical issues. This paper proposes a hierarchical system based access control model termed H-ABAC. It improves the attribute based access control(ABAC) model in reducing the management stress and addressing the problem of insufficient policy repository space. The following describes the H-ABAC model in terms of its self-administering mode, attribute definitions, policy formulation and authorization architecture, which demonstrate the advantages of H-ABAC. This supervisor mode not only reduces system administrator stress but also prevents all problems of a session in role-based access control (RBAC). Different definitions of the attributes in H-ABAC can be employed for different fields with different access control granularities, which enhances the flexibility of the model compared with traditional access control models. A scenario that illustrates how this new model is applied to the real world is provided.

Access control, Hierarchical system, Attribute based access control(ABAC), Role based access control(RBAC), System security