DOI: 10.1007/11506157_30
Article

Role activation management in role based access control

Published: 04 July 2005

Abstract

Role Based Access Control (RBAC) [6] is a popular approach to specifying and enforcing security policies in organizations. In RBAC, users are not assigned permissions directly; roles act as the intermediary. Role activation is an important component of RBAC: a user may activate a subset of his/her assigned roles to exercise the associated permissions. This paper proposes a number of ways in which role activation constraints can be specified and enforced in the enterprise environment. It also proposes an access control model and an authorization process to support the specification and enforcement of dynamic separation of duty constraints in a decentralized manner.

References

[1] Venkata Bhamidipati and Ravi Sandhu. Push architectures for user-role assignment. In National Information Systems Security Conference, 2000.
[2] Rafae Bhatti, James Joshi, Elisa Bertino, and Arif Ghafoor. X-GTRBAC admin: a decentralized administration model for enterprise wide access control. In SACMAT '04: Proceedings of the ninth ACM symposium on Access control models and technologies, pages 78-86. ACM Press, 2004.
[3] Nicole Dunlop, Jadwiga Indulska, and Kerry Raymond. Dynamic policy model for large evolving enterprises. In EDOC, page 193, 2001.
[4] Jan H. P. Eloff. Separation of duties for access control enforcement in workflow environments. IBM Systems Journal 40(3): 666-682, 2001.
[5] David F. Ferraiolo, John F. Barkley, and D. Richard Kuhn. A role-based access control model and reference implementation within a corporate intranet. ACM Transactions on Information and System Security, Vol. 2, No. 1, February 1999, pages 34-64, 1999.
[6] David F. Ferraiolo, D. Richard Kuhn, and Ramaswamy Chandramouli. Role-based access control. Boston: Artech House, 2003.
[7] John H. Hine, Walt Yao, Jean Bacon, and Ken Moody. An architecture for distributed OASIS services. In Middleware 2000, LNCS 1795, pages 104-120, 2000.
[8] Sejong Oh and Ravi Sandhu. A model for role administration using organization structure. In Proceedings of the 7th ACM Symposium on Access Control Models and Technologies (SACMAT 2002) (Monterey, Calif., June 3-4). ACM, New York, pages 155-162, 2002.
[9] Joon S. Park, Ravi S. Sandhu, and SreeLatha Ghanta. RBAC on the web by secure cookies. In DBSec, pages 49-62, 1999.
[10] Najam Perwaiz. Structured management of role-permission relationships. In ACM Workshop on Role Based Access Control archive, Proceedings of the sixth ACM symposium on Access control models and technologies, Chantilly, Virginia, United States, pages 163-169, 2001.
[11] R. Sandhu and R. Chandramouli. Role based access control features in commercial database management systems. In 21st National Information Systems Security Conference, October 6-9, 1998, Crystal City, Virginia, 1998.
[12] David Ferraiolo, Ravi Sandhu, and Richard Kuhn. The NIST model for role-based access control: Towards a unified standard. In ACM Workshop on Role-Based Access Control, 2000.
[13] R. Sandhu. Transaction control expressions for separation of duties. In Proc. of the Fourth Computer Security Applications Conference, pages 282-286, 1998.
[14] Ravi Sandhu. Role activation hierarchies. In Symposium on Access Control Models and Technologies archive, Proceedings of the third ACM workshop on Role-based access control, Fairfax, Virginia, United States, pages 33-40, ISBN: 1-58113-113-5, 1998.
[15] Ravi S. Sandhu and Qamar Munawer. The ARBAC99 model for administration of roles. In Annual Computer Security Applications Conference, page 229, 1999.
[16] Richard T. Simon and Mary Ellen Zurko. Separation of duty in role-based environments. In IEEE Computer Security Foundations Workshop, pages 183-194, 1997.

Cited By

  • (2005) Secure role activation and authorization in the enterprise environment. Proceedings of the Second European conference on Public Key Infrastructure, pages 22-35. DOI: 10.1007/11533733_2. Online publication date: 30-Jun-2005

Published In

ACISP'05: Proceedings of the 10th Australasian conference on Information Security and Privacy
July 2005
585 pages
ISBN:3540265473
Editors: Colin Boyd, Juan Manuel González Nieto

Sponsors

  • Eracom Technologies Pty. Ltd.
  • RNSA: Research Network for a Secure Australia
  • QUT Information Security Institute

Publisher

Springer-Verlag

Berlin, Heidelberg

Author Tags

  1. dynamic separation of duty
  2. role activation
  3. role based access control
  4. security management
