Hybrid Role and Attribute Based Access Control Applied in Information Systems
نویسندگان
چکیده
Abstract It this paper it is proposed a new access control model – Hybrid Role and Attribute Based Access Control (HRABAC). an extension of Role-Based (RBAC). HRABAC designed for information systems enterprise software combines the advantages RBAC Attribute-Based (ABAC). easy configurable, fine-grained supports role hierarchies. The describes scheme in Laravel package laravelroles/rolespermissions, which developed by author paper, as answer to requirements practice configurable solution. chosen, because most popular widely used PHP framework. laravelroles/rolespermissions on so that maximum number programmers could use it. This contains working tested functionalities managing users, roles permissions, applied accounting system.
منابع مشابه
Attribute-based Access Control for Cloud-based Electronic Health Record (EHR) Systems
Electronic health record (EHR) system facilitates integrating patients' medical information and improves service productivity. However, user access to patient data in a privacy-preserving manner is still challenging problem. Many studies concerned with security and privacy in EHR systems. Rezaeibagha and Mu [1] have proposed a hybrid architecture for privacy-preserving accessing patient records...
متن کاملRABAC: Role-Centric Attribute-Based Access Control
Role-based access control (RBAC) is a commercially dominant model, standardized by the National Institute of Standards and Technology (NIST). Although RBAC provides compelling benefits for security management it has several known deficiencies such as role explosion, wherein multiple closely related roles are required (e.g., attendingdoctor role is separately defined for each patient). Numerous ...
متن کاملAttribute-Based Oblivious Access Control
In an attribute-based system (ABS), users are identified by various attributes, instead of their identities. Since its seminal introduction, the attribute-based mechanism has attracted a lot of attention. However, current ABS schemes have a number of drawbacks: (i) the communication cost is linear in the number of the required attributes; (ii) the computation cost is linear in the number of the...
متن کاملA combination of semantic and attribute-based access control model for virtual organizations
A Virtual Organization (VO) consists of some real organizations with common interests, which aims to provide inter organizational associations to reach some common goals by sharing their resources with each other. Providing security mechanisms, and especially a suitable access control mechanism, which enforces the defined security policy is a necessary requirement in VOs. Since VO is a complex ...
متن کاملSecure Information Sharing Using Attribute Certificates and Role Based Access Control
In this paper, we explore the issues involved with the design and rapid deployment of large scale secure information sharing (SIS) systems for coordination involved with multiple agencies. Procedures and tools were developed for setting up quickly the public key infrastructure (PKI) and privilege management infrastructure (PMI) for the multi-agency SIS systems. A multi-agency SIS testbed based ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Cybernetics and Information Technologies
سال: 2021
ISSN: ['1311-9702', '1314-4081']
DOI: https://doi.org/10.2478/cait-2021-0031