中文摘要：

针对RBAC模型仅仅依靠用户身份进行角色和权限分配,未考虑用户平台的安全及可信性的问题,提出一种基于平台可信等级的改进RBAC模型（TLPRBAC）。TLPRBAC模型引入可信平台和可信等级两个实体元素,改进了实体关系和授权规则。改进的RBAC模型采用将角色与可信等级、可信等级与访问客体相关联的方法,实现不同可信等级主体对不同安全级别客体的细粒度访问控制。最后提出一个TLPRBAC模型在政府内网中的文件访问控制应用方案。

英文摘要：

Aimed at the problem that distribution permissions of roles is only depended on user＇s identity in traditional RBAC model,without considering the security and credibility of the platform,an improved role-based access control model based on trust level of platform（TLPRBAC） is proposed.Two entities that the trust platform and trust level are introduced in the TLPRBAC model,and the relationships of entities and authorization rules are developed.The roles are associated with the platform security and the trust level is associated with the entities in the improved RBAC model,to achieve a more fine-grained access control between a trusted level subject entity and a safety level object entity.Finally,the TLPRBAC model is applied to a documents access control scheme in government intranet.