ARBAC07: A Role-based Administration Model for RBAC with Hybrid Hierarchy

Recently, administration of RBAC systems using role-based approach has become very appealing because of the benefits that a role-based approach typically brings. This approach uses RBAC itself to manage RBAC policies so that the administration functions can be decentralized and made more efficient. ARBAC97, ARBAC99, and ARBAC02 are series of well-known solutions for decentralized RBAC administration. However, none of these can be used for RBAC systems that support hybrid hierarchies, which have been shown to be necessary to specify fine-grained RBAC policies. In this paper, we propose the ARBAC07 model based on the ARBAC97, ARBAC99 and ARBAC02 models for an RBAC system with hybrid hierarchy. We show that our model keeps all the advantages of the original model and can further deal with more fine-grained RBAC policies where hybrid hierarchy is needed.