Deriving a role-based access control model from the OBBAC model

Author

Tenday, J. M Kabasele ; Quisquater, J.-J. ; Lobelle, M.

Author_Institution

CERTI, Katholieke Univ., Leuven, Belgium

fYear

1999

fDate

1999

Firstpage

147

Lastpage

151

Abstract

The object-based access control model (OBBAC), a conceptual access control model, has been proposed to deal with the high-level specification of a security policy in an object-oriented environment. This model is based on the notion of security labels which, however, are associated to operations rather than to objects as in the classic label-based access control models. It was used to specify the security policy of a distance learning system. The key issue that has arisen from the OBBAC model is the handling of security labels during the application development. The goal of the paper is to prove that there exists a mapping from an OBBAC model to a role-based access control model (RBAC) which can be used to specify the system security policy

Keywords

authorisation; distance learning; object-oriented programming; OBBAC model; application development; distance learning; high-level specification; label-based access control; object-based access control model; object-oriented environment; role-based access control; security labels; security policy; Access control; Application software; Brain modeling; Computer aided instruction; Electrical capacitance tomography; Information security; Information systems; Monitoring; Protection; Read only memory;

fLanguage

English

Publisher

ieee

Conference_Titel

Enabling Technologies: Infrastructure for Collaborative Enterprises, 1999. (WET ICE '99) Proceedings. IEEE 8th International Workshops on

Conference_Location

Stanford, CA

ISSN

1080-1383

Print_ISBN

0-7695-0365-9

Type

conf

DOI

10.1109/ENABL.1999.805190

Filename

805190