Research and implementation of role-based RBAC administration model

Author

Jiong, Qiu ; Chen-hua, Ma ; Jian-Wei, Yin ; Jin-Xiang, Dong

Author_Institution

Zhejiang University

fYear

2005

fDate

21-23 Sept. 2005

Firstpage

741

Lastpage

745

Abstract

RBACAM, a role-based administrative model of RBAC, is proposed in this paper. It simplifies the description of role hierarchies with the definition of role identity code and role derivative information pair group. The concept of role administration domain and role enhanced administration domain is introduced to realize decentralized administration of RBAC. Each role has responsibility far role administration in its own administration domain and enhanced administration domain. A series of conflict checking rules to maintain consistency and the administration of authorization constraints are provided in the model. Administrative algorithms of role hierarchies, user-rote assignments, permission-role assignments and authorization constraints are also described- RBAC AM can be applied in the context of the RBAC96 model without introducing additional entities and relations. The main advantage of RBAC AM is its simplicity, completeness and practicability.

Keywords

authorisation; message authentication; RBAC96 model; RBACAM; authorization constraint; permission-role assignment algorithm; role derivative information pair group; role hierarchies algorithm; role identity code; role-based administrative model; user-rote assignments algorithm; Access control; Authorization; Context modeling; Information analysis; Information technology; Laboratories; Permission; Security;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer and Information Technology, 2005. CIT 2005. The Fifth International Conference on

Print_ISBN

0-7695-2432-X

Type

conf

DOI

10.1109/CIT.2005.161

Filename

1562745