An object-oriented RBAC model for distributed system

Author

Chang, N.Z. ; Yang, Cungang

Author_Institution

Dept. of Comput. Sci., Regina Univ., Sask., Canada

fYear

2001

fDate

2001

Firstpage

24

Lastpage

32

Abstract

In distributed computing environments, users would like to share resources and communicate with each other to perform their jobs more efficiently. For better performance, it is important to keep resources and information integrity from unexpected use by unauthorized users. Therefore, there is a strong demand for access control of distributed shared resources. Role-Based-Access-Control (RBAC) has been introduced and offers a powerful means for specifying access control decisions. The authors propose an object oriented RBAC model for distributed system (ORBAC), it efficiently represents the real world. Moreover, under the decentralized ORBAC management architecture, an implementation of the model has realized multiple-domain access control. Finally, statically and dynamically role authorization is considered and a method to deal with the problem of separation of duties is presented

Keywords

authorisation; distributed object management; object-oriented programming; resource allocation; shared memory systems; Role-Based-Access-Control; access control; access control decisions; decentralized ORBAC management architecture; distributed computing environments; distributed shared resources; distributed system; information integrity; multiple domain access control; object oriented RBAC model; resource sharing; role authorization; separation of duties; unauthorized users; unexpected use; Access control; Authorization; Computer science; Costs; Humans; Logic; Object oriented modeling; Protection; Qualifications; Security;

fLanguage

English

Publisher

ieee

Conference_Titel

Software Architecture, 2001. Proceedings. Working IEEE/IFIP Conference on

Conference_Location

Amsterdam

Print_ISBN

0-7695-1360-3

Type

conf

DOI

10.1109/WICSA.2001.948401

Filename

948401