Title :
Research on improved RBAC model and its access control strategy
Author :
Shi, Lei ; Sun, Shouqian ; Yuan, Jun
Author_Institution :
Comput. Sci. Tech. Dept., Zhejiang Univ., Hangzhou, China
Abstract :
Role based access control (RBAC) is a technology that is attracting increasing attention, particularly for commercial application, because of its potential for reducing the complexity and cost of security administration in large networked application. Nevertheless, there are many deficiencies in the management of user, role and permission, as using the RBAC model in true applications. For instance, when the system gradually expand the scale, the assignment of the user and the assignment of the role¿s efficiency is rapidly decrease; the permission¿s transfer caused by the inheritance of the role, makes the contradictions between the number of role and the granularity of the permission be sharp gradually. In the light of the deficiency of traditional RBAC model¿s access control mechanism, four improved mechanisms are proposed and the improved model¿s access control policy is discussed.
Keywords :
authorisation; RBAC model; role based access control; security administration; Access control; Authorization; Costs; Data security; Information security; Internet; NIST; Permission; Protection; Sun; RBAC; access control; information security;
Conference_Titel :
Computer-Aided Industrial Design and Conceptual Design, 2008. CAID/CD 2008. 9th International Conference on
Conference_Location :
Kunming
Print_ISBN :
978-1-4244-3290-5
Electronic_ISBN :
978-1-4244-3291-2
DOI :
10.1109/CAIDCD.2008.4730747
