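Building on a study of the GTRBAC and CT-RBAC models, this paper proposes a multi-dimensional RBAC (MD-RBAC) model that supports variable context parameters. The model organizes constraints that reflect different security factors into a constraint space with different dimensions, providing a reliable base framework for constraint control over different context parameters. This lets the RBAC model adapt better to environments with different security requirements and improves the flexibility and diversity of constraint control. In addition, MD-RBAC further refines the state predicate semantics of the RBAC model and analyzes conflicting events and conflicting constraints under the multi-dimensional constraint semantics.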
The MD-RBAC (multi-dimensional role-based access control) model is presented following an analysis of the GTRBAC (generalized temporal role-based access control) and CT-RBAC (conditional temporal role-based access control) models; it is designed to capture multiple concurrent context parameters in RBAC. MD-RBAC introduces the notions of the constraint dimension and the constraint space: each type of constraint, representing one type of security factor, forms one constraint dimension, and the constraint space is composed of all types of constraints. Based on these notions, a reliable constraint framework is provided for the RBAC model, which makes the model readily applicable to sophisticated environments and improves the flexibility and variety of the constraint control mechanism. Furthermore, we enrich the state predicate semantics in MD-RBAC and analyze conflict events and conflict constraints under the multi-dimensional constraint semantics.