• DocumentCode
    2675091
  • Title

    An Extended RBAC Model for Uniform Implementation of Role Hierarchy and Constraint

  • Author

    Ren, Yi ; Xiao, Zhiting ; Guo, Sipei

  • Author_Institution
    State-Key Lab. of Software Eng., Wuhan Univ., Wuhan
  • fYear
    2008
  • fDate
    3-5 Aug. 2008
  • Firstpage
    169
  • Lastpage
    174
  • Abstract
    Role based access control (RBAC) has been widely adopted as a policy neutral access control model by many IT corporations. RBAC96, which is the most famous family of RBAC models, provides a common frame reference for related research and development. Many properties proposed in the family, e.g. limited inheritance, mutually exclusive roles, cardinality, and interaction, have been separately discussed in the previous work. In this paper, an extended RBAC model implementing those properties is proposed to provide an approach for implementing RBAC3. The extended RBAC model is based on deputy mechanism and is called deputy-based access control (DBAC). Since the private role hierarchy and constraint can be uniformly handled in DBAC, a flexible and powerful access control system can be implemented.
  • Keywords
    security of data; RBAC; common frame reference; deputy-based access control; extended RBAC model; limited inheritance; mutually exclusive roles; role based access control; Access control; Costs; Electronic commerce; Engineering management; Permission; Power system modeling; Prototypes; Research and development; Security; Software engineering; RBAC; access control; security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Electronic Commerce and Security, 2008 International Symposium on
  • Conference_Location
    Guangzhou City
  • Print_ISBN
    978-0-7695-3258-5
  • Type

    conf

  • DOI
    10.1109/ISECS.2008.163
  • Filename
    4606048
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2675091