A role administration system in role-based authorization infrastructures: design and implementation

Authors:
Dongwan Shin;Gail-Joon Ahn;Sangrae Cho;Seunghun Jin
Affiliations:
University of North Carolina at Charlotte, Charlotte, NC;University of North Carolina at Charlotte, Charlotte, NC;Electronics and Telecommunications Research Institute;Electronics and Telecommunications Research Institute
Venue:
Proceedings of the 2003 ACM symposium on Applied computing
Year:
2003

Citing 13
Cited 2

Role-Based Access Control Models

Computer
Role engineering

RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
Towards a more complete model of role

RBAC '98 Proceedings of the third ACM workshop on Role-based access control
A role-based access control model and reference implementation within a corporate intranet

ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The ARBAC97 model for role-based administration of roles

ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The NIST model for role-based access control: towards a unified standard

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Process-oriented approach for role-finding to implement role-based security administration in a large industrial organization

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
A rule-based framework for role based delegation

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Role-based authorization constraints specification

ACM Transactions on Information and System Security (TISSEC)
Design and implementation of a flexible RBAC-service in an object-oriented scripting language

CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
A scenario-driven role engineering process for functional RBAC roles

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Observations on the role life-cycle in the context of enterprise security management

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Engineering of Role/Permission Assignments

ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference

On modeling system-centric information for role engineering

Proceedings of the eighth ACM symposium on Access control models and technologies
A policy-based decentralized authorization management framework for cloud computing

Proceedings of the 27th Annual ACM Symposium on Applied Computing

Quantified Score

Hi-index	0.01

Visualization

Abstract

In this paper we describe a system whose purpose is to help establish a valid set of roles and role hierarchies with assigned users and associated permissions. We have designed and implemented the system, called RA system, which enables role administrators to build and configure various components of a role-based access control (RBAC) model, thereby making it possible to lay a foundation for role-based authorization infrastructures. Three methodological constituents for our purpose are introduced, together with the design and implementation issues. The system has a role-centric view for easily managing constrained roles as well as assigned users and permissions. An LDAP-accessible directory service was used for a role database. We show that the system can be seamlessly integrated with an existing privilege-based authorization infrastructure. We finally discuss our plans for future development of the system.