Role-Based Access Control

The basic concept of role-based access control (RBAC) is that permissions are associated with roles, and users are made members of appropriate roles thereby acquiring the roles' permissions. This idea has been around since the advent of multi-user computing. Until recently, however, RBAC has received little attention from the research community. This article describes the motivations, results and open issues in recent RBAC research. The article focuses on four areas. Firstly, RBAC is a multi-dimensional concept that can range from very simple at one extreme to quite complex and sophisticated at the other. This presents problems in coming up with a de nitive model of RBAC. We see how this impasse is resolved by having a family of models which can accommodate all these variations. Secondly, we discuss how RBAC can be used to manage itself. Recent models developed for this purpose are presented. Thirdly, the exibility of RBAC can be demonstrated in many ways. Here we show how RBAC can be con gured to enforce di erent variations of classical lattice-based mandatory access controls. Fourthly, we describe a conceptual three-tier architecture for speci cation and enforcement of RBAC. The article concludes with a discussion of open issues in RBAC. Portions of this article have been published earlier in [SCFY96, San96, SB97, SBC97, SF94]. Ravi Sandhu is also a liated with SETA Corporation, 6862 Elm Street, McLean, VA 22101