Title :
Deriving a role-based access control model from the OBBAC model
Author :
Tenday, J. M Kabasele ; Quisquater, J.-J. ; Lobelle, M.
Author_Institution :
CERTI, Katholieke Univ., Leuven, Belgium
Abstract :
The object-based access control model (OBBAC), a conceptual access control model, has been proposed to deal with the high-level specification of a security policy in an object-oriented environment. This model is based on the notion of security labels which, however, are associated to operations rather than to objects as in the classic label-based access control models. It was used to specify the security policy of a distance learning system. The key issue that has arisen from the OBBAC model is the handling of security labels during the application development. The goal of the paper is to prove that there exists a mapping from an OBBAC model to a role-based access control model (RBAC) which can be used to specify the system security policy
Keywords :
authorisation; distance learning; object-oriented programming; OBBAC model; application development; distance learning; high-level specification; label-based access control; object-based access control model; object-oriented environment; role-based access control; security labels; security policy; Access control; Application software; Brain modeling; Computer aided instruction; Electrical capacitance tomography; Information security; Information systems; Monitoring; Protection; Read only memory;
Conference_Titel :
Enabling Technologies: Infrastructure for Collaborative Enterprises, 1999. (WET ICE '99) Proceedings. IEEE 8th International Workshops on
Conference_Location :
Stanford, CA
Print_ISBN :
0-7695-0365-9
DOI :
10.1109/ENABL.1999.805190
