A key issue in RBAC systems is how to handle the user authorization process efficiently, that is, how to decide whether to grant a user's request to acquire a set of requested permissions or to activate a set of requested roles in a single session. The presence of hybrid hierarchies, together with cardinality and dynamic separation of duty (DSoD) constraints, makes the issue more complex. In this paper, we define this issue as the user authorization query problem, which consists of a role mapping problem and an activation checking problem. We also propose a set of algorithms to solve the role mapping and activation checking problems. We show that our model is practical and flexible, and can deal with various cases in the presence of the hybrid hierarchy and cardinality/DSoD constraints.