PLM-oriented multi-granular access control model

To meet the access control requirements of Product Lifecycle Management (PLM) system in complicated application circumstances, PLM-oriented Multi-granular Access Control (PLM MAC) model was proposed based on Role-Based Access Control (RBAC) standard. Access subject composition granularities and access object hierarchical granularities from RBAC model were improved in this model; access object lifecycle granularities and permission assignment control granularities were introduced into PLM MAC model. While the control scope of RBAC model was extended in PLM MAC, it reduced the probability of authorization mistakes and the quantity of repeated public authorization; it implemented the precise control for various access objects in all levels and all lifecycle states; and it resolved the permission coherence control induced by temporary authorization, project authorization and delegation authorization. At last, a formal description of PLM MAC model as well as an algorithm of permission consistency control were presented, and an application example was provided to verify the effectiveness of PLM MAC method.