Traditional access control systems, including RBAC, face significant limitations such as inflexible role definitions, difficulty handling dynamic scenarios, and lack of detailed accountability and traceability. To this end, we introduce the Interaction Provenance-based Access Control (IPBAC) model. In this paper, we explore the integration of interaction provenance with access control to overcome these limitations. Interaction provenance refers to the detailed recording of actions and interactions within a system, capturing comprehensive metadata such as the identity of the actor, the time of an action, and the context. IPBAC ensures stronger protection against unauthorized access, enhances traceability for auditing and compliance, and supports adaptive security policies. This provenance-based access control not only strengthens security, but also provides a robust framework for auditing and compliance.