DocumentCode :
2359549
Title :
Engineering of role/permission assignments
Author :
Epstein, Pete ; Sandhu, Ravi
Author_Institution :
George Mason Univ., Manassas, VA, USA
fYear :
2001
fDate :
10-14 Dec. 2001
Firstpage :
127
Lastpage :
136
Abstract :
We develop a model for engineering role-permission assignment. Our model builds upon the well-known RBAC96 model. Assigning permissions to roles is considered too complex an activity to accomplish directly. Instead we advocate breaking down this process into a number of steps. We specifically introduce the concept of jobs, work-patterns, and tasks to facilitate role-permission assignment into a series of smaller steps. We describe methodologies for using this model in two different ways. In a top-down approach, roles are decomposed into permissions, whereas in a bottom-up approach, permissions are aggregated into roles.
Keywords :
authorisation; data privacy; RBAC96 model; jobs; permission aggregation; role decomposition; role-permission assignment; tasks; work-patterns; Access control; Authorization; Databases; Electrical equipment industry; Industrial control; Information systems; Medical services; Permission; Protection; X-rays;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computer Security Applications Conference, 2001. ACSAC 2001. Proceedings 17th Annual
Print_ISBN :
0-7695-1405-7
Type :
conf
DOI :
10.1109/ACSAC.2001.991529
Filename :
991529
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2359549
بازگشت