Action-based multi-level access control model

The developments of communication, computer, and multimedia technologies have speeded up information transmission. The information has been becoming multi-dimensional. The multi-level security could not only ensure the correctness of information transmission, but also keep the integrality and confidentiality of the data. The traditional multi-level security models have been implemented with the classic access control models, such as RBAC (role-based access control), which solve the problems of multi-level access control to some extent. But they could not accommodate the users' requirements of multi-level permission management at anytime and anywhere with the consideration of the temporal and environmental factors in the existing multi-level security access control mechanisms. How to implement the multi-level access control with the consideration of time and environment has become a problem to be solved. Firstly, we present an action-based multi-level access control model, which integrates the BLP and ABAC (action-based access control) together by extending the security level to action. Secondly, in order to solve the problem of permission specification with time and environment, we make the description of security level more detailed by defining the reading level (lr) and writing level (lw). The corresponding security rules and proof have been given. Finally, we give the implementing scheme of our model. By integrating the temporal state and environmental state together for the current complicated network, our scheme could solve the problems of the multi-level management and access control.