Hybrid role hierarchy for generalized temporal role based access control model

A generalized temporal role based access control (GTRBAC) model that captures an exhaustive set of temporal constraint needs for access control has been proposed. GTRBAC´s language constructs allow one to specify various temporal constraints on role, user-role assignments and role-permission assignments. We present the notion of different types of role hierarchies based on the permission-inheritance and role activation semantics. In particular, we look at how new hierarchical relations between a pair of roles that are not directly related can be derived through other well-defined hierarchically related roles. When the different hierarchy types coexist in a role hierarchy, inferring such derived hierarchical relations between a pair of roles can be complex. The results presented provide a basis for formally analyzing the derived inheritance and activation semantics between every pair of roles in a hierarchy.