Authorization algorithms for the mobility of user-role relationship
ACSC '05 Proceedings of the Twenty-eighth Australasian conference on Computer Science - Volume 38
Advanced Permission-Role Relationship in Role-Based Access Control
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Protecting Information Sharing in Distributed Collaborative Environment
Advanced Web and NetworkTechnologies, and Applications
Delegating revocations and authorizations in collaborative business environments
Information Systems Frontiers
Delegating revocations and authorizations
BPM'07 Proceedings of the 2007 international conference on Business process management
Role-Based delegation with negative authorization
APWeb'06 Proceedings of the 8th Asia-Pacific Web conference on Frontiers of WWW Research and Development
Secure and efficient information sharing in multi-university E-Learning environments
ICWL'07 Proceedings of the 6th international conference on Advances in web based learning
Hi-index | 0.00 |
In this paper, we develop formal authorization allocationalgorithms for role-based access control (RBAC). Theformal approaches are based on relational structure, andrelational algebra and operations. The process of user-roleassignments is an important issue in RBAC because it maymodify the authorization level or imply high-level confidentialinformation to be derived while users change positionsand request different roles. There are two types of problemswhich may arise in user-role assignment. One is related toauthorization granting process. When a role is granted to auser, this role may be conflict with other roles of the user ortogether with this role; the user may have or derive a highlevel of authority. Another is related to authorization revocation.When a role is revoked from a user, the user maystill have the role from other roles.To solve the problems, this paper presents an authorizationgranting algorithm, and weak revocation and strongrevocation algorithms that are based on relational algebra.The algorithms can be used to check conflicts and thereforeto help allocate the roles without compromising the securityin RBAC. We describe how to use the new algorithms withan anonymity scalable payment scheme. Finally, comparisonswith other related work are discussed.