Authorization Algorithms for Permission-Role Assignments
نویسندگان
چکیده
Permission-role assignments (PRA) is one important process in Role-based access control (RBAC) which has been proven to be a flexible and useful access model for information sharing in distributed collaborative environments. However, problems may arise during the procedures of PRA. Conflicting permissions may assign to one role, and as a result, the role with the permissions can derive unexpected access capabilities. This paper aims to analyze the problems during the procedures of permission-role assignments in distributed collaborative environments and to develop authorization allocation algorithms to address the problems within permission-role assignments. The algorithms are extended to the case of PRA with the mobility of permission-role relationship. Finally, comparisons with other related work are discussed to demonstrate the effective work of the paper.
منابع مشابه
Formal Authorisation Allocation Approaches for Permission-role Assignment Using Relational Algebra Operations
In this paper, we develop formal authorization allocation algorithms for permission-role assignments. The formal approaches are based on relational structure, and relational algebra and operations. The process of permission-role assignments is an important issue in role-based access control (RBAC) as it may modify the authorization level or imply high-level confidential information to be derive...
متن کاملConditional Privacy-Aware Role Based Access Control
Privacy is considered critical for all organizations needing to manage individual related information. As such, there is an increasing need for access control models which can adequately support the specification and enforcement of privacy policies. In this paper, we propose a model, referred to as Conditional Privacy-aware Role Based Access Control (P-RBAC), which supports expressive condition...
متن کاملAdvanced Permission-Role Relationship in Role-Based Access Control
Permission-role assignment is an important issue in rolebased access control (RBAC). There are two types of problems that may arise in permission-role assignment. One is related to authorization granting process. Conflicting permissions may be granted to a role, and as a result, users with the role may have or derive a high level of authority. The other is related to authorization revocation. W...
متن کاملNimble Adaptation of RBAC to Organizational Changes
The authors propose a business-oriented approach to support accurate and dynamic user-role assignments for the Role Based Access Control (RBAC) model. Their model, called Business-Driven Role Based Access Control (BD-RBAC), is composed of three layers. The first layer extends the RBAC model with the concepts of business roles, system roles, credentials, and users’ capabilities. The second layer...
متن کاملFormal Authorization Allocation Approaches for Role-Based Access Control Based on Relational Algebra Operations
In this paper, we develop formal authorization allocation algorithms for role-based access control (RBAC). The formal approaches are based on relational structure, and relational algebra and operations. The process of user-role assignments is an important issue in RBAC because it may modify the authorization level or imply high-level confidential information to be derived while users change pos...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- J. UCS
دوره 15 شماره
صفحات -
تاریخ انتشار 2009