1. Field of the Invention
The present invention relates to a CBR-based RBAC method and, in particular, relates to a CBR-based Negotiation RBAC Method for enhancing ubiquitous resources management.
2. Description of the Related Art
With progress in new technologies of information management, the Ubiquitous Resource Management (URM) platform is becoming popular. Because of the increasing number of people using applications (APPs), controlling access to resources on the related URM platform has become challenging. The management procedure can be simplified by grouping users having the same permissions. For example, the role-based access control (RBAC) model is a role-based method for a serving server to manage permission assignment to grouped users. RBAC is a powerful method that controls users' access permission in a big system. The concept of RBAC is that users are assigned with appropriate roles that are associated with corresponding permissions, wherein access to all resources is controlled by roles via the RBAC system. Therefore, permissions could be readily provided to users by simply assigning roles to each user. An organization's roles have to be designed to promote system and network security. Because URM can control the permissions of remote users, access control for remote access services is critically important for URM to prevent sensitive data from being accessed illegally. The management of the huge amount of users and the control of grouped users' secure accesses in URM systems is becoming a challenging problem.
Furthermore, there is also the huge challenge of controlling access to ubiquitous resources among multiple collaborative servers based on the negotiating security policies on URMs. The traditional access control mechanisms are insufficient to meet the requirements of role assignment management on URMs which provide accessing services for huge numbers of clients. Therefore, we need an innovative measure to solve these problems.