Title :
An Extended RBAC Model for Uniform Implementation of Role Hierarchy and Constraint
Author :
Ren, Yi ; Xiao, Zhiting ; Guo, Sipei
Author_Institution :
State-Key Lab. of Software Eng., Wuhan Univ., Wuhan
Abstract :
Role based access control (RBAC) has been widely adopted as a policy neutral access control model by many IT corporations. RBAC96, which is the most famous family of RBAC models, provides a common frame reference for related research and development. Many properties proposed in the family, e.g. limited inheritance, mutually exclusive roles, cardinality, and interaction, have been separately discussed in the previous work. In this paper, an extended RBAC model implementing those properties is proposed to provide an approach for implementing RBAC3. The extended RBAC model is based on deputy mechanism and is called deputy-based access control (DBAC). Since the private role hierarchy and constraint can be uniformly handled in DBAC, a flexible and powerful access control system can be implemented.
Keywords :
security of data; RBAC; common frame reference; deputy-based access control; extended RBAC model; limited inheritance; mutually exclusive roles; role based access control; Access control; Costs; Electronic commerce; Engineering management; Permission; Power system modeling; Prototypes; Research and development; Security; Software engineering; RBAC; access control; security;
Conference_Titel :
Electronic Commerce and Security, 2008 International Symposium on
Conference_Location :
Guangzhou City
Print_ISBN :
978-0-7695-3258-5
DOI :
10.1109/ISECS.2008.163
