Managing Risks in RBAC Employed Distributed Environments

نویسندگان

  • Ebru Celikel Cankaya
  • Murat Kantarcioglu
  • Bhavani M. Thuraisingham
  • Elisa Bertino
چکیده

Role Based Access Control (RBAC) has been introduced in an effort to facilitate authorization in database systems. It introduces roles as a new layer in between users and permissions. This not only provides a well maintained access granting mechanism, but also alleviates the burden to manage multiple users. While providing comprehensive access control, current RBAC models and systems do not take into consideration the possible risks that can be incurred with role misuse. In distributed environments a large number of users are a very common case, and a considerable number of them are first time users. This fact magnifies the need to measure risk before and after granting an access. We investigate the means of managing risks in RBAC employed distributed environments and introduce a probability based novel risk model. Based on each role, we use information about user credentials, current user queries, role history log and expected utility to calculate the overall risk. By executing data mining on query logs, our scheme generates normal query clusters. It then assigns different risk levels to individual queries, depending on how far they are from the normal clusters. We employ three types of granularity to represent queries in our architecture. We present experimental results on real data sets and compare the performances of the three granularity levels.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A risk management approach to RBAC

Even if Role Based Access Control (RBAC) is employed properly, distributed database environments are still prone to illegitimate access attempts: in RBAC, users potentially carry the risk of illegal access attempts via credentials violation, or unintentional/intentional incorrect use of already granted permissions via role misuse/abuse. We introduce a probabilistic risk management model for enh...

متن کامل

X - Rbac : an Access Control Language for Multi - Domain Environments

A multi-domain application environment consists of distributed multiple organizations, each employing its own security policy, allowing highly intensive inter-domain accesses. Ensuring security in such an environment poses several challenges. XML technologies are being perceived as the most promising approach for developing pragmatic security solutions for such environments because of the integ...

متن کامل

Team-and-Role-Based Organizational Context and Access Control for Cooperative Hypermedia Environments

Access control needs to be more flexible and fine-grained to support cooperative tasks and processes performed by dynamic teams. This can be done by applying state-of-theart role-based access control (RBAC) technology. This paper examines how to integrate RBAC in a team-based organization context and how to apply such access control to hypermedia structures. Based on the analysis of these issue...

متن کامل

TR 2008 - 624 Making RBAC Work in Dynamic , Fast - Changing Corporate Environments Senior Honors

In large organizations with tens of thousands of employees, managing individual people’s permissions is tedious and error prone, and thus a possible source of security risks. RoleBased Access Control addresses this problem by grouping users into roles, which reflect job functions in the corporation. Permissions are assigned to roles instead of directly to users, which means that all users assig...

متن کامل

Security Policy Integration based on Role-Based Access Control Model in Healthcare Collaborative Environments

Recently research is focused on security policy integration and conflict reconciliation among various healthcare organizations. However, challenging security and privacy risks issues still arisen during sharing sensitive patient data in different large distributed organizations. In this paper, we proposed an approach for integrating security policies based on Role-Based Access Control (RBAC) po...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2007