An Organizational Structure-Based Administration Model for Decentralized Access Control

نویسندگان

  • Sejong Oh
  • Changwoo Byun
  • Seog Park
چکیده

We propose an effective administration model using organizational structure for a decentralized role-based access control environment. Access control administration is a critical issue for large organizations and information systems. A large organization needs decentralized access control by multiple security officers because it has many users and information objects, and a single security officer cannot do all the work. If an organization has multiple security officers, managing them is another important security task. The task includes defining the authority scope and keeping the administrative operations of each security officer legal. Access control administration means controlling security officers’ administrative work. ARBAC is a typical model for access control administration. ARBAC defines authority scope using the role hierarchy, and it leads many shortcomings. Our proposed model uses the organizational structure as a basis for defining authority scope and keeping administrative operations legal. The proposed model overcomes the shortcomings of ARBAC, and offers a clear rationale for access control administration.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A combination of semantic and attribute-based access control model for virtual organizations

A Virtual Organization (VO) consists of some real organizations with common interests, which aims to provide inter organizational associations to reach some common goals by sharing their resources with each other. Providing security mechanisms, and especially a suitable access control mechanism, which enforces the defined security policy is a necessary requirement in VOs. Since VO is a complex ...

متن کامل

Towards a Scalable Role and Organization Based Access Control Model with Decentralized Security Administration

AbStrAct This chapter addresses the problem that traditional role-base access control (RBAC) models do not scale up well for modeling security policies spanning multiple organizations. After reviewing recently proposed Role and Organization Based Access Control (ROBAC) models, an administrative ROBAC model called AROBAC07 is presented and formalized in this chapter. Two examples are used to mot...

متن کامل

An Administrative Model for Role-Based Access Control Using Hierarchical Namespace

Access Control is an important mechanism of information security. Role-Based Access Control is a famous access control approach with good flexibility. RBAC96 and ARBAC97 are classical RBAC models. The ARBAC97 model facilitates decentralized administration of RBAC. However, ARBAC97 has some shortcomings in the case of being used in an organization with autonomous subsidiaries. The member of an a...

متن کامل

AN OBSERVER-BASED INTELLIGENT DECENTRALIZED VARIABLE STRUCTURE CONTROLLER FOR NONLINEAR NON-CANONICAL NON-AFFINE LARGE SCALE SYSTEMS

In this paper, an observer based fuzzy adaptive controller (FAC) is designed fora class of large scale systems with non-canonical non-affine nonlinear subsystems. It isassumed that functions of the subsystems and the interactions among subsystems areunknown. By constructing a new class of state observer for each follower, the proposedconsensus control method solves the problem of unmeasured sta...

متن کامل

A Paradigm for Dynamic and Decentralized Administration of Access Control in Workflow Applications

The administration of authorizations in modem Web-based computing environments has become a primary concern. Application security is characterized by a significant complexity, due to the large number of variations and combinations of objects and operations to be protected. Thus, there is a need for data, processes and context parameters, like time and location, to be combined into a security mo...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • J. Inf. Sci. Eng.

دوره 22  شماره 

صفحات  -

تاریخ انتشار 2006