查看文章

In this paper, we develop a new paradigm for access control and authorization management, called task-based authorization controls (TBAC). TBAC models access controls from a task-oriented perspective than the traditional subject-object one. Access mediation now involves authorizations at various points during the completion of tasks in accordance with some application logic. By taking a task-oriented view of access control and authorizations, TBAC lays the foundation for research into a new breed of “active” security models that are required for agent-based distributed computing and workflow management.