Towards dynamically administered role-based access control

In digital business, the need for efficient frameworks to address the multifaceted security issues related to Web-based applications, has led to efforts towards the development of dynamically administered access control systems that implement robust access control models, to allow controlled access of information based on content or context of processing, and secure interoperation in a dynamic distributed enterprise environment. Pure RBAC seems to be suitable for function-oriented organization structures usually used in relatively stable environments. On the other hand, TBAC and TMAC provide a complementary support in environments that are based on process-oriented organization structures. However, current organizational alternatives lead to the combination of the above approaches, in the form of a matrix organization structure that maximizes the advantages of functional and process-oriented structures and introduces the need for new access control administration paradigms. In this paper, we discuss our approach for dynamically administered role-based access control, which covers the need-to-know requirements of users and missions are involved with, and provides tight and just-in-time access control without sacrificing operability and simplicity of administration.