DocumentCode
605962
Title
An authorization model of quantitative analysis of the least privilege
Author
Hui Wang ; Lianzhong Liu ; Wanli Tian
Author_Institution
Sch. of Comput. Sci. & Eng., Beihang Univ., Beijing, China
fYear
2012
fDate
23-25 Oct. 2012
Firstpage
283
Lastpage
288
Abstract
LP (Leaset Privilege) is one of the key principles of the RBAC model.It means that only the minimum collection of permissions can be granted the user to complete the specified task in order to prevent potential security threats caused by excess privileges. Recently most authorization mechanisms for granting permissions by least privilege are based on professional experience in specific fields. However, with the increasing number of roles, users and process of authorization, this become a heavy burden to the administrator and also the reliability and accuracy are not guaranteed. This paper presents an authorization model of quantitative analysis of the least privilege.The model authorizes users permissions by different weights according to the importance of these permissions.At the same time, the concept of least privilege will be expressed in formal methods, combined with the improved algorithm which proves the correctness and validity of the model.
Keywords
authorisation; RBAC model; authorization mechanisms; authorization model; formal methods; least privilege quantitative analysis; permission collection; potential security threats; professional experience; access control; authorization model; least privilege; quantitative analysis;
fLanguage
English
Publisher
ieee
Conference_Titel
Information Science and Service Science and Data Mining (ISSDM), 2012 6th International Conference on New Trends in
Conference_Location
Taipei
Print_ISBN
978-1-4673-0876-2
Type
conf
Filename
6528642
Link To Document