Title :
An Extended RBAC Model for the Threshold in Collaborative Environment
Author :
Chen Juan-juan ; Cheng Xi-jun
Author_Institution :
Dept. of Comput. Eng., Naval Univ. of Eng., Wuhan, China
Abstract :
In collaborative environment the threshold structure is common for joint authorization. Although with the powerful ability to enforce security policies, traditional RBAC hardly considers the issue. In order to solve the problem, we describe the threshold permission as a 3-tuple (obj, op, thre), which is distinguished from ordinary permission. Although there are many users who are assigned to the threshold permission, at least thre different users are required to execute jointly the threshold permission. We propose an efficient algorithm to check whether users can execute the threshold permission. We also analyses the influence of userspsila differences impacting on threshold permissions. At last, we discuss how to constraint threshold permissions and associated roles to enforce separation-of-duty which is a fundamental security principle.
Keywords :
authorisation; groupware; 3-tuple; RBAC model; collaborative environment; role based access control; separation-of-duty; threshold permission; Access control; Authorization; Collaborative work; Contracts; Cryptography; Electronic mail; International collaboration; Permission; Power engineering and energy; Power engineering computing; RBAC; access control; separation of duty; threshold;
Conference_Titel :
Information and Computing Science, 2009. ICIC '09. Second International Conference on
Conference_Location :
Manchester
Print_ISBN :
978-0-7695-3634-7
DOI :
10.1109/ICIC.2009.29
