A role-based administration model for attributes

Authors:
Xin Jin;Ram Krishnan;Ravi Sandhu
Affiliations:
Univ of Texas at San Antonio, San Antonio, TX;Univ of Texas at San Antonio, San Antonio, TX;Univ of Texas at San Antonio, San Antonio, TX
Venue:
Proceedings of the First International Workshop on Secure and Resilient Architectures and Systems
Year:
2012

Citing 12
Cited 1

Role-Based Access Control Models

Computer
The ARBAC97 model for role-based administration of roles

ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Flexible support for multiple access control policies

ACM Transactions on Database Systems (TODS)
Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation

ACM Transactions on Information and System Security (TISSEC)
Lattice-Based Access Control Models

Computer
The URA97 Model for Role-Based User-Role Assignment

Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
Design of a Role-Based Trust-Management Framework

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
The UCONABC usage control model

ACM Transactions on Information and System Security (TISSEC)
A logic-based framework for attribute based access control

Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Access control: principle and practice

IEEE Communications Magazine
A unified attribute-based access control model covering DAC, MAC and RBAC

DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
RABAC: role-centric attribute-based access control

MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security

Reachability analysis for role-based administration of attributes

Proceedings of the 2013 ACM workshop on Digital identity management

Quantified Score

Hi-index	0.00

Visualization

Abstract

Attribute based access control (ABAC) provides flexibility and scalability for securely managing access to resources, particularly in distributed environments. In ABAC, access requests are authorized through policies evaluated with respect to attributes of various entities such as users, subjects, objects, context, etc. Administration of user attributes is one of the major issues in ABAC. However, there has been little research in this area. This paper proposes a framework to administer user attributes using role based access control (RBAC). Our motivation is that RBAC has demonstrated advantages in ease of administration and is widely deployed in the industry. Thus, an appealing possibility is to use RBAC to manage user attributes. In this paper we propose a generalized version of the user role assignment model in the ARBAC97 administrative role based access control model. The generalized version treats role as just one possible attribute of the user. The paper explores the model's advantages and limitations and provides guidance for future development of more comprehensive user attribute administrative models.