Based on the in-depth analysis of issues in dRBAC model, which include the lack of commission depth control in distributed environment, the inefficiency of cascading revocation of the authorization roles and the incapability of judging whether the commission violates the principles of RBAC model before it is done, this paper proposed MD-dRBAC Model, designed trust management mechanism for MD-dRBAC Model, which was used to control the access, established the credible authority commission tree and finally proposed the detection algorithm for implicit authorities upgrading to avoid violation of the least privilege principle in RBAC model Extensive security and performance analysis show that the proposed schemes are highly efficient and secure.

DOI: http://dx.doi.org/10.11591/telkomnika.v11i1.1917