Article

The ARBAC99 Model for Administration of Roles

Authors:

Ravi Sandhu,

Qamar MunawerAuthors Info & Claims

ACSAC '99: Proceedings of the 15th Annual Computer Security Applications Conference

Page 229

Published: 06 December 1999 Publication History

Publisher Site

Abstract

Role-Based Access Control (RBAC) is a flexible and policy-neutral access control technology. For large systems|with hundreds of roles, thousands of users and millions of permissions|managing roles, users, permissions and their interrelationships is a formidable task that cannot realistically be centralized in a small team of security administrators. An appealing possibility is to use RBAC itself to facilitate decentralized administration of RBAC. The ARBAC97 (administrative RBAC '97)model was recently introduced for this purpose. ARBAC97 has three sub-models called URA97 (for user-role administration), PRA97 (for permission-role administration) and RRA97 (for role-role administration). In this paper we define enhancements to ARBAC97 to give us the new ARBAC99 model. Specifically the URA and PRA sub-models of ARBAC99 introduce significant new features relative to their counterparts in ARBAC97 (while RRA is left unchanged). ARBAC99 incorporates the concept of mobile and immobile users and permissions for the first time in this arena. This paper gives a formal definition of ARBAC99, motivates these enhancements and analyzes several subtle issues that arise in this context.

Cited By

View all

P.V. RSandhu RWeippl EKatzenbeisser SKruegel CMyers AHalevi S(2016)POSTERProceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security10.1145/2976749.2989068(1802-1804)Online publication date: 24-Oct-2016
https://dl.acm.org/doi/10.1145/2976749.2989068
Elliott AKnight SWang XBauer LKerschbaum F(2016)Start HereProceedings of the 21st ACM on Symposium on Access Control Models and Technologies10.1145/2914642.2914651(113-124)Online publication date: 6-Jun-2016
https://dl.acm.org/doi/10.1145/2914642.2914651
Mun HOh S(2016)Injecting Subject Policy into Access Control for Strengthening the Protection of Personal InformationWireless Personal Communications: An International Journal10.1007/s11277-015-3094-789:3(715-728)Online publication date: 1-Aug-2016
https://dl.acm.org/doi/10.1007/s11277-015-3094-7
Show More Cited By

The ARBAC99 Model for Administration of Roles
1. Security and privacy
  1. Security services
  2. Systems security
2. Social and professional topics
  1. Computing / technology policy

Recommendations

The ARBAC97 model for role-based administration of roles
Special issue on role-based access control

In role-based access control (RBAC), permissions are associated with roles' and users are made members of roles, thereby acquiring the roles; permissions. RBAC's motivation is to simplify administration of authorizations. An appealing possibility is to ...
An effective role administration model using organization structure

Role-based access control (RBAC) is a well-accepted model for access control in an enterprise environment. When we apply RBAC model to large enterprises, effective role administration is a major issue. ARBAC97 is a well-known solution for decentralized ...
A model for role administration using organization structure
SACMAT '02: Proceedings of the seventh ACM symposium on Access control models and technologies

Role-based access control (RBAC) is recognized as an excellent model for access control in an enterprise environment. In large enterprises, effective RBAC administration is a major issue. ARBAC97 is a well-known solution for decentralized RBAC ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

ACSAC '99: Proceedings of the 15th Annual Computer Security Applications Conference

December 1999

ISBN:0769503462

Publisher

IEEE Computer Society

United States

Publication History

Published: 06 December 1999

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

27
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 16 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

P.V. RSandhu RWeippl EKatzenbeisser SKruegel CMyers AHalevi S(2016)POSTERProceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security10.1145/2976749.2989068(1802-1804)Online publication date: 24-Oct-2016
https://dl.acm.org/doi/10.1145/2976749.2989068
Elliott AKnight SWang XBauer LKerschbaum F(2016)Start HereProceedings of the 21st ACM on Symposium on Access Control Models and Technologies10.1145/2914642.2914651(113-124)Online publication date: 6-Jun-2016
https://dl.acm.org/doi/10.1145/2914642.2914651
Mun HOh S(2016)Injecting Subject Policy into Access Control for Strengthening the Protection of Personal InformationWireless Personal Communications: An International Journal10.1007/s11277-015-3094-789:3(715-728)Online publication date: 1-Aug-2016
https://dl.acm.org/doi/10.1007/s11277-015-3094-7
Elliott AKnight SSomayaji ABöhme RVan Oorschot PMannan M(2015)Towards Managed Role ExplosionProceedings of the 2015 New Security Paradigms Workshop10.1145/2841113.2841121(100-111)Online publication date: 8-Sep-2015
https://dl.acm.org/doi/10.1145/2841113.2841121
Guo ZHan WLiu LXu WBu RNi MWeippl EKerschbaum FLee A(2015)SPAProceedings of the 20th ACM Symposium on Access Control Models and Technologies10.1145/2752952.2752974(221-231)Online publication date: 1-Jun-2015
https://dl.acm.org/doi/10.1145/2752952.2752974
Sharma MSural SAtluri VVaidya J(2013)An Administrative Model for Spatio-Temporal Role Based Access ControlProceedings of the 9th International Conference on Information Systems Security - Volume 830310.1007/978-3-642-45204-8_28(375-389)Online publication date: 16-Dec-2013
https://dl.acm.org/doi/10.1007/978-3-642-45204-8_28
Ferrara AMadhusudan PParlato G(2013)Policy analysis for self-administrated role-based access controlProceedings of the 19th international conference on Tools and Algorithms for the Construction and Analysis of Systems10.1007/978-3-642-36742-7_30(432-447)Online publication date: 16-Mar-2013
https://dl.acm.org/doi/10.1007/978-3-642-36742-7_30
Ruan CVaradharajan V(2011)Reasoning about dynamic delegation in role based access control systemsProceedings of the 16th international conference on Database systems for advanced applications - Volume Part I10.5555/1997305.1997330(239-253)Online publication date: 22-Apr-2011
https://dl.acm.org/doi/10.5555/1997305.1997330
Bruns GHuth MAvijit KBreu RCrampton JLobo J(2011)Program synthesis in administration of higher-order permissionsProceedings of the 16th ACM symposium on Access control models and technologies10.1145/1998441.1998449(41-50)Online publication date: 15-Jun-2011
https://dl.acm.org/doi/10.1145/1998441.1998449
Fuchs LPernul GSandhu R(2011)Roles in information security - A survey and classification of the research areaComputers and Security10.1016/j.cose.2011.08.00230:8(748-769)Online publication date: 1-Nov-2011
https://dl.acm.org/doi/10.1016/j.cose.2011.08.002
Show More Cited By

Abstract

Cited By

Recommendations

The ARBAC97 model for role-based administration of roles

An effective role administration model using organization structure

A model for role administration using organization structure

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations