Title :
An object-oriented RBAC model for distributed system
Author :
Chang, N.Z. ; Yang, Cungang
Author_Institution :
Dept. of Comput. Sci., Regina Univ., Sask., Canada
Abstract :
In distributed computing environments, users would like to share resources and communicate with each other to perform their jobs more efficiently. For better performance, it is important to keep resources and information integrity from unexpected use by unauthorized users. Therefore, there is a strong demand for access control of distributed shared resources. Role-Based-Access-Control (RBAC) has been introduced and offers a powerful means for specifying access control decisions. The authors propose an object oriented RBAC model for distributed system (ORBAC), it efficiently represents the real world. Moreover, under the decentralized ORBAC management architecture, an implementation of the model has realized multiple-domain access control. Finally, statically and dynamically role authorization is considered and a method to deal with the problem of separation of duties is presented
Keywords :
authorisation; distributed object management; object-oriented programming; resource allocation; shared memory systems; Role-Based-Access-Control; access control; access control decisions; decentralized ORBAC management architecture; distributed computing environments; distributed shared resources; distributed system; information integrity; multiple domain access control; object oriented RBAC model; resource sharing; role authorization; separation of duties; unauthorized users; unexpected use; Access control; Authorization; Computer science; Costs; Humans; Logic; Object oriented modeling; Protection; Qualifications; Security;
Conference_Titel :
Software Architecture, 2001. Proceedings. Working IEEE/IFIP Conference on
Conference_Location :
Amsterdam
Print_ISBN :
0-7695-1360-3
DOI :
10.1109/WICSA.2001.948401
