I Mproved & E Xtended - Rbac ( Jv - Rbac ) M Odel with X . 509 a Uthentication
نویسنده
چکیده
Role-based access control models have attracted appreciable research interest in past time due to their providing some flexibility to security management and ability to model organizational structure and their capability to reduce administrative expenses. In this paper, we explains the drawbacks of RBAC96 model in the aspect of the authorization, access rules and fine-grain access controls in the practical application and established a extended-RBAC model, named as JV-RBAC (Joshi-Vaisla RBAC), which integrates the authorization of users and roles, authentication is implemented by X.509 and providing higher security by introducing access rules and audit function.
منابع مشابه
RBAC Policies in XML for X.509 Based Privilege Management
This paper describes a role based access control policy template for use by privilege management infrastructures where the roles are stored as X.509 Attribute Certificates in an LDAP directory. There is a brief description of the X.509 privilege management model, and how it can be used to implement RBAC. Policies that conform to the template are written in XML, and the template is specified as ...
متن کاملRBAC on the Web by Smart Certi cates Joon
We have described in another paper how to develop and use smart certiicates by extending X.509 with several sophisticated features for secure attribute services on the Web. In this paper, we describe an implementation of RBAC (Role-Based Access Control) with role hierarchies on the Web as one possible application of smart certiicates. To support RBAC, we issued smart certiicates-which hold the ...
متن کاملRole-based Eam Using X.509 Attribute Certificate∗
In this paper, we describe an experiment of designing and implementing a role-based extranet access management (EAM) by leveraging rolebased access control (RBAC) and X.509 attribute certificate for scalable and interoperable authorization. Compared with previous works in this area, we show that our approach can overcome the problems of previous solutions and broaden RBAC’s applicability into l...
متن کاملEmploying UML and OCL for Designing and Analyzing Role-Based Access Control
Stringent security requirements of organizations like banks or hospitals frequently adopt role-based access control (RBAC) principles to represent and simplify their internal permission management. While representing a fundamental advanced RBAC concept enabling precise restrictions on access rights, authorization constraints increase the complexity of the resulting security policies so that too...
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کامل