Structured management of role-permission relationships

Authors:
Najam Perwaiz
Affiliations:
Lancaster Univ., Lancaster, U.K.
Venue:
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Year:
2001

Citing 8
Cited 5

Role-Based Access Control Models

Computer
The ARBAC97 model for role-based administration of roles: preliminary description and outline

RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Characteristics of role-based access control

RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
Decentralized user-role assignment for Web-based intranets

RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Managing role/permission relationships using object access types

RBAC '98 Proceedings of the third ACM workshop on Role-based access control
On the increasing importance of constraints

RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Attribute certification: an enabling technology for delegation and role-based controls in distributed environments

RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
The NIST model for role-based access control: towards a unified standard

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control

A model for role administration using organization structure

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Policy Administration Domains

ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
An effective role administration model using organization structure

ACM Transactions on Information and System Security (TISSEC)
A formal framework to elicit roles with business meaning in RBAC systems

Proceedings of the 14th ACM symposium on Access control models and technologies
Role activation management in role based access control

ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper describes a structured approach to managing Role-permission relationships for implementing RBAC in large decentralized organizations. The paper begins by outlining the rationale behind this design followed by the description of its two main features. We show how the use of logical objectives (as opposed to physical objects) as targets of permissions can improve ease of use and accuracy of the administration process. We also describe a mechanism for viewing role-permission relationships in the context of organizational structures, which provides an opportunity for bringing about qualitative improvement in RABC implementation. We conclude by summing up the scope and limitations of our approach.