Hybrid Role Hierarchy for Generalized Temporal Role Based Access Control Model

Generalized Temporal Role Based Access Control (GTRBAC) model that captures an exhaustive set of temporal constraint needs for access control has recently been proposed. GTRBAC’s language constructs allow one to specify various temporal constraints on role, user-role assignments and role-permission assignments. In this paper, we present the notion of different types of role hierarchies based on the permission-inheritance and role activation semantics. In particular, we look at how new hierarchical relations between a pair of roles that are not directly related can be derived through other well-defined hierarchically related roles. When the different hierarchy types coexist in a role hierarchy, inferring such derived hierarchical relations between a pair of roles can be complex. The results presented here provides a basis for formally analyzing the derived inheritance and activation semantics between every pairs of roles in a hierarchy.