An Object-Dependent and Context Constraints-Aware Access Control Approach Based on RBAC
نویسندگان
چکیده
The universal adoption of the Internet requires a fine grained access control in the sharing of sensitive resources. However, existing access control mechanisms are inflexible and do not help in alleviating the management task of administrating users’ access to resources based on security policies. In this paper, we propose an approach to implement fine-grained access control based on RBAC while considering specific context constraints. The approach is object-dependent and policy-enforced through binding policies to particular object. In the policies, context constraints are incorporated to support separation of duties (SoD). Furthermore, the implement of the approach is described in detail and an application to meet specific access control requirements of comprehensive knowledge management system in an aviation enterprise is presented.
منابع مشابه
Modelling context-aware RBAC models for mobile business processes
In a mobile computing environment, distributed business processes are executed in varying contexts. Context-aware access control mechanisms help to protect sensitive data and services in mobile application scenarios. Context constraints are a means to consider context information in access control decisions. In this paper, we integrate context constraints with process-related role-based access ...
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملEmploying UML and OCL for designing and analysing role-based access control
Stringent security requirements of organizations like banks or hospitals frequently adopt role-based access control (RBAC) principles to represent and simplify their internal permission management. While representing a fundamental advanced RBAC concept enabling precise restrictions on access rights, authorization constraints increase the complexity of the resulting security policies so that too...
متن کاملEmploying UML and OCL for Designing and Analyzing Role-Based Access Control
Stringent security requirements of organizations like banks or hospitals frequently adopt role-based access control (RBAC) principles to represent and simplify their internal permission management. While representing a fundamental advanced RBAC concept enabling precise restrictions on access rights, authorization constraints increase the complexity of the resulting security policies so that too...
متن کاملCA-RBAC: Context Aware RBAC Scheme in Ubiquitous Computing Environments
Role based access control (RBAC) assigns access permissions to a role rather than a user. This simplifies access control management by simply assigning appropriate roles to users and by modifying the permissions of the roles. With the advent of ubiquitous computing, many kinds of services, especially personalized services to give convenience to users, have been introduced. Among them, providing...
متن کامل