Role-Based Access Control Models
Computer
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Integrated constraints and inheritance in DTAC
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Specifying and enforcing constraints in role-based access control
Proceedings of the eighth ACM symposium on Access control models and technologies
A Formal Model for Role-Based Access Control with Constraints
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
Separation of Duty in Role-based Environments
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
A case study of separation of duty properties in the context of the Austrian "eLaw" process.
Proceedings of the 2005 ACM symposium on Applied computing
Mutually exclusive permissions in RBAC
International Journal of Internet Technology and Secured Transactions
Hi-index | 0.00 |
Role-based access control (RBAC) is an evolution in the field of access control. RBAC offers tight security of information and ease of management to implement. The focus of this paper is on some of the important factors in RBAC, i.e., dynamic separation of duty (DSD) which is implemented to avoid internal security threats and role inheritance. We discuss DSD from a different perspective, i.e., object-based dynamic separation of duty. Also, we discuss permission level inheritance from object perspective. Different problems and observations have been described regarding DSD with respect to formal definitions of DSD. Those observations and problems influenced us to go for updated definition of DSD. So, we propose a definition of DSD from different perspective and elaborate the importance of role inheritance. Different examples have been given regarding object-based DSD with different scenarios. We also describe the benefits of implementing the proposed definition of DSD.