Journal of Software, Vol 6, No 6 (2011), 1096-1102, Jun 2011
doi:10.4304/jsw.6.6.1096-1102

Dynamic Role-Based Access Control Model

Jun Zheng, kun Qi Zhang, wen Shang Zheng, an Yu Tan

Abstract


With the rapid development of networks and the coming of the information age, access control is particularly important, and role-based access control (RBAC) is a popular form of it. RBAC authorizes and controls the roles corresponding to users in order to operate on objects. It solves problems such as least privilege and separation of duties. However, a limited set of permissions must be executed in a certain sequence; that is, a permission owned by one user is controlled by the permissions of other users. To solve this problem, this paper proposes an improved model based on the original RBAC that not only retains the original characteristics of RBAC but also solves the specific problem of permissions that need to be executed in sequential order. The analysis shows that this scheme has better security and better flexibility, and can be well applied to workflow systems.



Keywords


RBAC, least privilege, duty separation, dynamic constraint




Journal of Software (JSW, ISSN 1796-217X)

Copyright @ 2006-2014 by ACADEMY PUBLISHER – All rights reserved.