Skip to Main Content
RBAC (role-based access control) has been widely investigated and adopted for its simplicity and effectiveness. However, there still exist some defects in it, including: (1) traditional RBAC does not consider time and context factors. (2) traditional RBAC only defines a simple logical relationship among roles and permissions, which makes it incompetent to solve authorization problem for large-scale dynamic systems. To remedy these defects, the paper introduces granular computing to RBAC and proposes G-RBAC model. G-RBAC granulates permissions and roles, and introduces time and context factors to them. The paper also defines elementspsila logical relationship in G-RBAC based on granular logic and realizes authorization decision-making by granular logic reasoning. The application examples show that G-RBAC can enhance flexibility of authorization, and realize fine grained access control effectively for large scale enterprise information system.