DARBAC: Dynamically Administering Role Based Access Control
نویسندگان
چکیده
Access control administration regulates and enforces the definition of the components of an access control system by authorized administrative users. In this paper, the limitations on administrative aspects of well-known security models are addressed and the requirements for efficient management of authorizations are investigated in order to provide fine-grained and just-in-time access control for collaborative applications. Subsequently, the DARBAC (Dynamically Administering Role Based Access Control) model, which is a new approach in the area of role-based access control administration, is proposed and formally defined. The DARBAC model introduces new mechanisms for dynamic administration of access control and provides security features that comprise temporal role activation depending on particular objectives, controlled decentralization of administrative care, constraint-based privacy protection, dynamic separation of duties based on collaborative goals, and synchronization of permission availability for users with different responsibilities. Key-Words: Access control, meta access, RBAC, DARBAC
منابع مشابه
Dynamic Access Control Administration for Collaborative Applications
Today’s web-based collaborative applications need new approaches to overcome the shortcomings of classical access control. The limitations on administrative aspects of the existing security models and the requirements for more efficient management of authorizations in order to provide fine-grained and just-in-time access control for collaborative applications are discussed in this paper. The pr...
متن کاملA Paradigm for Dynamic and Decentralized Administration of Access Control in Workflow Applications
The administration of authorizations in modem Web-based computing environments has become a primary concern. Application security is characterized by a significant complexity, due to the large number of variations and combinations of objects and operations to be protected. Thus, there is a need for data, processes and context parameters, like time and location, to be combined into a security mo...
متن کاملA context-sensitive dynamic role-based access control model for pervasive computing environments
Resources and services are accessible in pervasive computing environments from anywhere and at any time. Also, due to ever-changing nature of such environments, the identity of users is unknown. However, users must be able to access the required resources based on their contexts. These and other similar complexities necessitate dynamic and context-aware access control models for such environmen...
متن کاملA Dynamic Query-Rewriting Mechanism for Role-Based Access Control in Databases
Although Role-Based Access Control (RBAC) is a common security model currently, it has not been systematically applied in databases. In this paper, we propose a framework that enforces RBAC based on dynamic query rewriting. This framework grants privileges to data based on an intersection of roles, database structures, content, and privileges. All of this is implemented at the database level, w...
متن کاملUni-ARBAC: A Unified Administrative Model for Role-Based Access Control
Many of the advantages of Role Based Access Control (RBAC) accrue from the flexibility of its administrative models. Over the past two decades, several administrative models have been proposed to manage user-role, permission-role and in some cases role-role relations. These models are based on different administrative principles and bring inherent advantages and disadvantages. In this paper, we...
متن کامل