Role-Based Access Control Models
Computer
Access control in federated systems
NSPW '96 Proceedings of the 1996 workshop on New security paradigms
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Hierarchical ID-Based Cryptography
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Requirements for scalable access control and security management architectures
ACM Transactions on Internet Technology (TOIT)
| Hi-index | 0.00 |
Role-Based Access Control (RBAC) is a powerful and versatile access control system for large-scale access control management within an organization. Most studies so far consider RBAC models that have a single consistent access control policy, which implicitly confine an RBAC system to one organization. However, many real-world requirements of access control span multiple organizations; thus, there is a need to design scalable RBAC models for such use cases. We propose a trans-organizational RBAC model that enables access control within and across organizations. A formal definition of trans-organizational RBAC is presented. We show that the model is scalable in a multi-organization setup, and does not require the creation of federations. Finally, a security issue in the model is identified and possible approaches to address this are discussed.