Title :
An authorization model of quantitative analysis of the least privilege
Author :
Hui Wang ; Lianzhong Liu ; Wanli Tian
Author_Institution :
Sch. of Comput. Sci. & Eng., Beihang Univ., Beijing, China
Abstract :
LP (Leaset Privilege) is one of the key principles of the RBAC model.It means that only the minimum collection of permissions can be granted the user to complete the specified task in order to prevent potential security threats caused by excess privileges. Recently most authorization mechanisms for granting permissions by least privilege are based on professional experience in specific fields. However, with the increasing number of roles, users and process of authorization, this become a heavy burden to the administrator and also the reliability and accuracy are not guaranteed. This paper presents an authorization model of quantitative analysis of the least privilege.The model authorizes users permissions by different weights according to the importance of these permissions.At the same time, the concept of least privilege will be expressed in formal methods, combined with the improved algorithm which proves the correctness and validity of the model.
Keywords :
authorisation; RBAC model; authorization mechanisms; authorization model; formal methods; least privilege quantitative analysis; permission collection; potential security threats; professional experience; access control; authorization model; least privilege; quantitative analysis;
Conference_Titel :
Information Science and Service Science and Data Mining (ISSDM), 2012 6th International Conference on New Trends in
Conference_Location :
Taipei
Print_ISBN :
978-1-4673-0876-2
