Article Preview
Top1. Introduction
In recent years, multi-agent systems are an important topic of cognitive theory, such as BDI (Believe, Desire, Intention) agents (Shi & Xu, 2009), non-monotonic logic (Liao & Lin, 2006), dynamic logic (Liu &Tang, 2010), etc. However, in the opinion of ontology, an agent is actually the executor of role, and agents will inevitably cause the conflicts among roles and agents (Pu et al. 2010). Roles based interactions are important elements of social activity and are fundamental aspects of cognitive informatics (Zhu, 2010). The authorization of agents and roles in RBAC (role-based access control) can be very complex, because there are the huge number of agents/roles and complicated constraints.
With the development of information technologies, RBAC (Role-Based Access Control) has been extensively used in the rights management (Huet et al., 2004). In RBAC, a role is an intermediary between a user and a permission (a role can be a group of users, these users have the same behaviors and responsibilities) and a role is used to link a user and permissions. A role can be utilized to solve the problems in traditional access control models, such as, the DAC (Discretionary Access Control) and MAC (Mandatory Access Control). These traditional access control models have some shortcomings and insufficiency (Zhao & Lin, 2005).
Under the cloud computing environments, the traditional access control model cannot satisfy the dynamic needs because these objects are unchangeable. However, the RBAC model is suitable for cloud computing (Zhao & Yao, 2012). The RBAC96 model (Zhang & Zhang, 2009), whose members include RBAC0, RBAC1, RBAC2, and RBAC3, consists of four basic elements: Users, Roles, Permissions, and Sessions. In RBAC96 (Figure 1), the authorization of users’ permissions is mainly through UA (user-role assignment) and PA (role-permission assignment), UA is a many-to-many assignment between User and Role, PA is a many-to-many assignment between Role and Permission.
In this paper, we study the problem of assignment under some conflicting constraints. It has not still been solved because of complicated constraints. RBAC is still a Role-Based Collaboration (RBC) System. In RBC, roles are the major media and the basis for interaction, coordination, and collaboration (Zhu & Hou, 2011). RBC is a computational thinking methodology that mainly uses roles as underlying mechanisms to facilitate abstraction, classification, separation of concern, dynamics, and interactions. Based on roles, RBC is such an emerging methodology to facilitate an organizational structure, provide orderly system behavior, and consolidate system security for both human and non-human entities that collaborate and coordinate their activities with or within systems (Zhu & Zhou, 2006).
This paper is arranged as follows: Section 2 introduces the related work; Section 3 depicts the RBAC modeling based on E-CARGO; Section 4 describes the role permission assignment; Section 5 designs the algorithm for the assignment; Section 6 presents the results of simulation experiments; Section 7 concludes the paper and points out the future work.
TopIn the implementation of the security policy of RBAC, we need to solve the problem of UA and PA. They are both M-M (Many-to-Many) assignment between agent and role, hence the role assignment is evidently an important challenging problem in a hierarchical organizational structure, and it is also an important problem in multi-agent systems.
Wei et al. (2013) propose a cooperation protocol design method for repository-based multi-agent systems. They aim at improving the efficiency of developing multi-agent system by introducing reusable protocol templates.
Wang (2009) proposes a cognitive informatics perspective on autonomous agent systems (AAS’s). He develops a hierarchical reference model of AAS’s, and describes the theoretical framework from facts of cognitive informatics, computational intelligence, and denotational mathematics.