Risk-Aware RBAC Sessions
Authors
Abstract
Role Based Access Control (RBAC) has received considerable attention as a model of choice for simplified access control over the past decade. More recently, risk awareness in access control has emerged as an important research theme to mitigate risks involved when users exercise their privileges to access resources under different contexts such as accessing a sensitive file from work versus doing the same from home. In this paper, we investigate how to incorporate “risk” in RBAC—in particular, in RBAC sessions. To this end, we propose an extension to the core RBAC model by incorporating risk awareness in sessions where the risk is bounded by a session-based “risk-threshold.” We develop a framework of models for role activation and deactivation in a session based on this threshold. Finally, we provide formal specification of one of these models by enhancing the NIST core RBAC model.
Similar resources
Risk-Aware Role-Based Access Control
The increasing need to share information in dynamic environments has created a requirement for risk-aware access control systems. The standard RBAC model is designed to operate in a relatively stable, closed environment and does not include any support for risk. In this paper, we explore a number of ways in which the RBAC model can be extended to incorporate notions of risk. In particular, we d...
Towards Session-Aware RBAC Delegation: Function Switch
This paper shows how to extend RBAC sessions with dynamic aspects to deal with user switch. Users can authenticate using their functions which will create a dynamic session and automatically activate a set of privileges associated with this function. A dynamic session can be joined, leaved, restarted and reused by authorized users. Moreover, a user can switch the session to another user in orde...
DS RBAC - Dynamic Sessions in Role Based Access Control
Besides the well established access control models, Discretionary Access Control (DAC) and Mandatory Access Control (MAC), the policy neutral Role Based Access Control (RBAC) is gaining increasing attention. An important step towards a wide acceptance of RBAC has been achieved by the standardization of RBAC through the American National Standards Institute (ANSI). While the mandatory concept of...
A Comparison of Collaborative Access Control Models
Collaborative environments need access control to data and resources to increase working cooperation efficiently yet effectively. Several approaches are proposed and multiple access control models are recommended in this domain. In this paper, four Role-Based Access Control (RBAC) based collaborative models are selected for analysis and comparison. The standard RBAC model, Team-based Access Con...
CA-RBAC: Context Aware RBAC Scheme in Ubiquitous Computing Environments
Role based access control (RBAC) assigns access permissions to a role rather than a user. This simplifies access control management by simply assigning appropriate roles to users and by modifying the permissions of the roles. With the advent of ubiquitous computing, many kinds of services, especially personalized services to give convenience to users, have been introduced. Among them, providing...