Safety and Availability Checking for User Authorization Queries in RBAC

Authors

  • Jianfeng Lu
  • Jianmin Han
  • Wei Chen
  • Jinwei Hu
Abstract

This paper introduces the notion of safety and availability checking for user authorization query processing, and develops a recursive algorithm that uses ideas from backtracking-based search techniques to search for the optimal solution. For the availability checking, we introduce the notion of max activatable set (MAS), and show formally how MAS can be determined in a hybrid role hierarchy. For the safety checking, we give a formal definition of dynamic separation-of-duty (DSoD) policies, and show how to reduce the safety checking for DSoD to a SAT


Similar resources

Enforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)

One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...


A User-Centered, Modular Authorization Service Built on an RBAC Foundation

Psychological acceptability has been mentioned as a requirement for secure systems for as long as least privilege and fail safe defaults, but until now has been all but ignored in the actual design of secure systems. We place this principle at the center of our design for Adage, an authorization service for distributed applications. We employ usability design techniques to specify and test the ...


Managing Risks in RBAC Employed Distributed Environments

Role Based Access Control (RBAC) has been introduced in an effort to facilitate authorization in database systems. It introduces roles as a new layer in between users and permissions. This not only provides a well maintained access granting mechanism, but also alleviates the burden to manage multiple users. While providing comprehensive access control, current RBAC models and systems do not tak...


Department of Computer Science and Engineering

Role-Based Access Control (RBAC) has proven to be a cost-effective as well as a practical solution for authorization management in large enterprises. In the recent past, RBAC has been widely explored and there have been several extensions to it. Current systems do not enforce standard RBAC features and its extensions in a seamless way, which is essential to make RBAC even better-suited for a wide ...


Nimble Adaptation of RBAC to Organizational Changes

The authors propose a business-oriented approach to support accurate and dynamic user-role assignments for the Role Based Access Control (RBAC) model. Their model, called Business-Driven Role Based Access Control (BD-RBAC), is composed of three layers. The first layer extends the RBAC model with the concepts of business roles, system roles, credentials, and users’ capabilities. The second layer...



Journal title:
  • Int. J. Computational Intelligence Systems

Volume 5  Issue 

Pages  -

Publication date 2012