On the interaction between role-based access control and relational databases
Proceedings of the tenth annual IFIP TC11/WG11.3 international conference on Database security: volume X : status and prospects: status and prospects
Design systolic systems: Illustrating of regular algorithms on synchronous array processors
Design systolic systems: Illustrating of regular algorithms on synchronous array processors
Decentralized user-role assignment for Web-based intranets
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
An Oracle implementation of the PRA97 model for permission-role assignment
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Communications of the ACM
A role-based access control model and reference implementation within a corporate intranet
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The RSL99 language for role-based separation of duty constraints
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Supporting relationships in access control using role based access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Untraceable off-line electronic cash flow in e-commerce
ACSC '01 Proceedings of the 24th Australasian conference on Computer science
Ticket-based service access scheme for mobile users
ACSC '02 Proceedings of the twenty-fifth Australasian conference on Computer science - Volume 4
An Efficient Divisible Electronic Cash Scheme
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Building a consumer scalable anonymity payment protocol for Internet purchases
RIDE '02 Proceedings of the 12th International Workshop on Research Issues in Data Engineering: Engineering E-Commerce/E-Business Systems (RIDE'02)
A Consumer Scalable Anonymity Payment Scheme with Role-Based Access Control
WISE '01 Proceedings of the Second International Conference on Web Information Systems Engineering (WISE'01) Volume 1 - Volume 1
Ubiquitous computing environments and its usage access control
InfoScale '06 Proceedings of the 1st international conference on Scalable information systems
A framework for role-based group deligation in distributed environments
ACSC '06 Proceedings of the 29th Australasian Computer Science Conference - Volume 48
Access control management for ubiquitous computing
Future Generation Computer Systems
Advanced Permission-Role Relationship in Role-Based Access Control
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Protecting Information Sharing in Distributed Collaborative Environment
Advanced Web and NetworkTechnologies, and Applications
Delegating revocations and authorizations in collaborative business environments
Information Systems Frontiers
Delegating revocations and authorizations
BPM'07 Proceedings of the 2007 international conference on Business process management
Towards secure XML document with usage control
APWeb'05 Proceedings of the 7th Asia-Pacific web conference on Web Technologies Research and Development
Role-Based delegation with negative authorization
APWeb'06 Proceedings of the 8th Asia-Pacific Web conference on Frontiers of WWW Research and Development
Secure and efficient information sharing in multi-university E-Learning environments
ICWL'07 Proceedings of the 6th international conference on Advances in web based learning
Protecting disseminative information in E-Learning
ICWL'07 Proceedings of the 6th international conference on Advances in web based learning
Hi-index | 0.00 |
In this paper, we develop formal authorization allocation algorithms for permission-role assignments. The formal approaches are based on relational structure, relational algebra and operations. The process of permission-role assignments is an important issue in role-based access control (RBAC) as it may modify the authorization level or imply high-level confidential information to be derived when roles are changed and request different permissions. There are two types of problems that may arise in permission-role assignments. One is related to authorization granting process. Conflicting permissions may be granted to a role, and as a result, users with the role may have or derive a high level of authority. Another is related to authorization revocation. When permission is revoked from a role, the role may still have the permission from other roles.To solve the problems, this paper presents an authorization granting algorithm, and weak revocation and strong revocation algorithms that are based on relational algebra operations. The algorithms can be used to check conflicts and therefore to help allocate permissions without compromising the security in RBAC. We describe how to use the new algorithms with an anonymity scalable payment scheme. Finally, comparisons with other related work are discussed.