In the RBAC system, the list of each us er's roles will be stored in the system. When users enter the system to verify checks before, they will be entitled if passed. However, the validation falls short of some applications today. For this purpose, a number of attributes are added to the control module in the original RBAC system, which allows authentication, obligations and conditions of the three decision strategies to check the permissions. In this way, users can re-determine their rights in the working process of the system.In a RBAC system, adding the concept of property to users can let some previous RBAC system adapted to acquire new applications, while retaining the original advantages of RBAC.