Abstract: Integrating the advantages of RBAC (Role-Based Access Control) and UCON (Usage Control) models, the paper proposes a role-based usage control authorization model.In the model, the role-assignment is based on attributes which can effectively reduce the authorization administration scale.Moreover the model can implement dynamic authorization by updating attributes and context constraints.A formalized description of the model is given and the dynamic authorization process is analyzed t by TLA (Temporal Logic of Actions).Finally the character of the model is analyzed.