Title :
An integrity enforcement application design and operation framework in role-based access control systems: A session-oriented approach
Author :
Lee, HyungHyo ; Noh, BongNam
Author_Institution :
Dept. of Comput. Sci., Chonnam Nat. Univ., Kwangju, South Korea
Abstract :
Role-based access control (RBAC) policy is being widely accepted not only as an access control policy but as a flexible permission management framework in various commercial environments. RBAC simplifies the process of security management by assigning permissions to roles not directly to individual users. As security administrators can design and manage security policies by changing the configuration of RBAC components to meet their organization´s own security needs, RBAC is called policy-neutral and has ability to articulate enterprise-specific security policies. While most researches on RBAC are for defining, describing model in formal method and other important properties such as separation of duty, little work has been done on how applications should be designed and then executed in automated information systems based on RBAC security model. In this paper, we describe important, dynamic features of a session that can be used as a vehicle for building applications, and present a basic framework for session-oriented integrity enforcement application design and operation applicable to commercial environments
Keywords :
access protocols; security of data; RBAC; access control; access control policy; commercial environments; flexible permission management; integrity enforcement; security management; session-oriented approach; Access control; Application software; Communication system security; Computer science; Environmental management; Government; Identity-based encryption; Information security; National security; Permission;
Conference_Titel :
Parallel Processing, 1999. Proceedings. 1999 International Workshops on
Conference_Location :
Aizu-Wakamatsu
Print_ISBN :
0-7695-0353-5
DOI :
10.1109/ICPPW.1999.800059
