Implementation of Hybrid Model for Access Control in a Fine-Grained Authorization System
Abstract
Access control in fine-grained authorization systems is a critical aspect of ensuring secure and precise resource management in complex environments. Traditional access control models, such as Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC), have limitations in handling the dynamic nature of modern systems, where access decisions depend on both user attributes and contextual information. This paper proposes a hybrid access control model that combines the strengths of RBAC and ABAC, offering a flexible, scalable, and secure solution for fine-grained authorization. The hybrid model integrates the role-based structure of RBAC with the contextual and attribute-driven decision-making of ABAC, allowing for more dynamic and context-aware access control. By incorporating role hierarchies, user attributes, environmental conditions, and resource sensitivity, the model provides a comprehensive approach to access control that can adapt to various organizational requirements. It also introduces a policy enforcement layer that ensures consistent enforcement across diverse applications and systems. The proposed hybrid model enhances security by allowing more granular access decisions while maintaining manageability through roles. The approach is evaluated through simulations and case studies, demonstrating its effectiveness in addressing real-world access control challenges in both static and dynamic environments. This model offers an adaptable framework for securing modern IT infrastructures with diverse and evolving access control needs. The proposed hybrid model enhances system performance by minimizing information loss through precise role-attribute mapping, strengthening privacy by limiting unnecessary attribute exposure, and improving responsiveness by reducing real-time computational overhead. It also improves the accuracy of genuine user detection by combining static roles with dynamic attribute validation, ensuring secure and efficient access control.
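The layered decision described in the abstract can be sketched as follows. This is an added illustration, not the paper's implementation: the role names, attribute names, sensitivity levels and rules are all hypothetical. A role hierarchy first decides whether the permission is held at all, then attribute rules over user, resource sensitivity and environment narrow it, denying by default.

```python
# Constructed sample policy; every name and threshold here is an assumption.
ROLE_PARENTS = {"admin": {"manager"}, "manager": {"employee"}, "employee": set()}
ROLE_PERMS = {  # RBAC layer: (action, resource type) granted directly to a role
    "employee": {("read", "report")},
    "manager": {("write", "report")},
    "admin": {("delete", "report")},
}

def effective_roles(assigned):
    """Expand assigned roles through the hierarchy (senior roles inherit junior ones)."""
    seen, stack = set(), list(assigned)
    while stack:
        role = stack.pop()
        if role not in seen:
            seen.add(role)
            stack.extend(ROLE_PARENTS.get(role, ()))  # unknown role grants nothing
    return seen

# ABAC layer: predicates over (user, resource, env); stricter as sensitivity rises.
ABAC_RULES = [
    ("clearance", lambda u, r, e: u["clearance"] >= r["sensitivity"]),
    ("department", lambda u, r, e: r["sensitivity"] < 2
        or u["department"] == r["owner_department"]),
    ("context", lambda u, r, e: r["sensitivity"] < 3
        or (e["network"] == "corporate" and 8 <= e["hour"] < 18)),
]

def decide(user, action, resource, env):
    """Enforcement point: return (allowed, reason); deny unless every layer permits."""
    roles = effective_roles(user["roles"])
    if not any((action, resource["type"]) in ROLE_PERMS.get(r, ()) for r in roles):
        return False, "rbac: no role grants this permission"
    for name, rule in ABAC_RULES:
        try:
            ok = rule(user, resource, env)
        except KeyError:
            ok = False  # a missing attribute fails closed instead of being skipped
        if not ok:
            return False, f"abac: {name} rule failed"
    return True, "permit"

# Constructed sample request data.
ALICE = {"roles": {"manager"}, "clearance": 3, "department": "finance"}
REPORT = {"type": "report", "sensitivity": 3, "owner_department": "finance"}
OFFICE = {"network": "corporate", "hour": 10}
NIGHT = {"network": "corporate", "hour": 22}

if __name__ == "__main__":
    for env in (OFFICE, NIGHT):
        print(decide(ALICE, "write", REPORT, env))
```

The same role yields different outcomes for `OFFICE` and `NIGHT`, which is the context-aware behaviour that a roles-only check cannot express.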