摘要: 在智慧城市的背景下，信息系统之间急需资源共享和协同运作，传统的访问控制技术面临着新的需求和挑战。本文基于RBAC模型进行扩展，引入“应用”这一元素，不同的应用包含不同的角色和权限，通过给人员授予属于不同应用的角色，实现统一授权。同时对新的模型提出了模型约束和模型参数配置以及相应的冲突检测策略，通过检测树级元素基本操作、角色关联权限和授权规则，有效的避免和检测冲突，保证授权的正确性。

Abstract: In the circumstance of the sapiential city, resource sharing and collaboration are necessary in in-formation systems. The traditional access control technology is faced with new demands and challenges. In this paper, we extend the access control model based on RBAC and lead the element of “application” into this model. Different applications include different roles and permissions so that they can grant a person different roles coming from different applications for the implemen-tations of unified authorizations. Model constraints and parameter configurations are raised in this paper for conflict detection. The detection avoids conflicts effectively and ensures correct au-thorizations that include basic operations of tree elements, the relationship of roles and permis-sions and the authorization rules.