ROAC: a role-oriented access control model

Authors:
Nezar Nassr;Eric Steegmans
Affiliations:
Dept. of Computer Science and Engineering, Katholieke Universiteit Leuven, Leuven, Belgium;Dept. of Computer Science and Engineering, Katholieke Universiteit Leuven, Leuven, Belgium
Venue:
WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems
Year:
2012

Citing 9
Cited 1

Parents are shared parts of objects: inheritance and encapsulation in SELF

Lisp and Symbolic Computation
Monotonic conflict resolution mechanisms for inheritance

OOPSLA '92 conference proceedings on Object-oriented programming systems, languages, and applications
Role-Based Access Control Models

Computer
Role activation hierarchies

RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The uses of role hierarchies in access control

RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Access Control in a Virtual University

WETICE '99 Proceedings of the 8th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
Organization based access control

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Fine-Grained Access Control with Object-Sensitive Roles

Genoa Proceedings of the 23rd European Conference on ECOOP 2009 --- Object-Oriented Programming
A Multiple Hierarchies RBAC Model

CMC '10 Proceedings of the 2010 International Conference on Communications and Mobile Computing - Volume 01

OSDM: an organizational supervised delegation model for RBAC

ISC'12 Proceedings of the 15th international conference on Information Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Role-Based Access Control (RBAC) has become the de facto standard for realizing authorization requirements in a wide range of organizations. Existing RBAC models suffer from two main shortcomings; lack of expressiveness of roles/permissions and ambiguities of their hierarchies. Roles/permissions expressiveness is limited since roles do not have the ability to express behaviour and state, while hierarchical RBAC cannot reflect real organizational hierarchies. In this paper, we propose a novel access control model: The Role-Oriented Access Control Model (ROAC), which is based on the concepts of RBAC but inspired by the object-oriented paradigm. ROAC greatly enhances expressiveness of roles and permissions by introducing parameters and methods as members. The hierarchical ROAC model supports selective inheritance of permissions.