Role-Based Access Control Models
Computer
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Control principles and role hierarchies
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Specifying and enforcing constraints in role-based access control
Proceedings of the eighth ACM symposium on Access control models and technologies
Separation of Duty in Role-based Environments
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Role inheritance with object-based DSD
International Journal of Internet Technology and Secured Transactions
| Hi-index | 0.00 |
Role-based access control (RBAC) always provides tight security of information and ease of management to security policy. There are certain constraints which make the information security tight. Separation of duty (SOD) in terms of mutual exclusion and role inheritance (RI) are some of those constraints which provide security of information and make the management of security policy easier. On one side after implementing separation of duty, we may able to get tight security but on the other side it can create complexity for the security administrator and the end users who use the system. Implementing mutual exclusion on the basis of roles reduces the authority of the RBAC user for which the user is authorised. In this paper, we describe the complexities and complications which can be faced after implementing separation of duty in terms of mutually exclusive roles (MER). We also describe the problems which can be faced if either the role inheritance is not implemented or implemented in an incomplete manner. We also propose a model to counter the problems.