The DRBAC model creates atom roles by dividing traditional RBAC roles, which makes role assignment granularity smaller to reach a state of undividable permission, and then becomes more beneficial for the implementation of "the principle of least privilege".
In DRBAC, time complexity of role searching and dynamic creation is a key problem for resource providers.
Thus makes the DRBAC has a better resistance to the mutative net work than the RBAC.
The above example well illustrates the process of role combination, and further analysis explains that DRBAC is able to avoid producing CAS proxy certificates and the management of time threshold can well control the use for roles and the maintenance of role space.
This paper puts forward a dynamic role-based authorization model, which combines DRBAC access control model and CAS model.
Figure 2 presents the framework of DRBAC model based on Multi-Agent Systems, PKI, and PMI.
Consequently, we verify that our proposed DRBAC scheme can handle and delegate the roles of the number of users in a robust, flexible, and efficient way.
Figure 8 presents the DRBAC and MAS configuration screen.