Administrative scope: A foundation for role-based administrative models

  • Authors:
  • Jason Crampton;George Loizou

  • Affiliations:
  • Birkbeck, University of London, Surrey, England;Birkbeck, University of London, Surrey, England

  • Venue:
  • ACM Transactions on Information and System Security (TISSEC)
  • Year:
  • 2003

Quantified Score

Hi-index 0.00

Visualization

Abstract

We introduce the concept of administrative scope in a role hierarchy and demonstrate that it can be used as a basis for role-based administration. We then develop a family of models for role hierarchy administration (RHA) employing administrative scope as the central concept. We then extend RHA4, the most complex model in the family, to a complete, decentralized model for role-based administration. We show that SARBAC, the resulting role-based administrative model, has significant practical and theoretical advantages over ARBAC97. We also discuss how administrative scope might be applied to the administration of general hierarchical structures, how our model can be used to reduce inheritance in the role hierarchy, and how it can be configured to support discretionary access control features.