Title :
ROBAC: Scalable Role and Organization Based Access Control Models
Author :
Zhang, Zhixiong ; Zhang, Xinwen ; Sandhu, Ravi
Author_Institution :
Coll. Board, Reston, VA
Abstract :
In RBAC, roles are typically created based on job functions inside an organization. Traditional RBAC does not scale up well for modeling security policies spanning multiple organizations. To solve this problem, a family of extended RBAC models called role and organization based access control (ROBAC) models is proposed and formalized in this paper. Two examples are used to motivate and demonstrate the usefulness of ROBAC. Comparison between ROBAC and other related RBAC models is given. We show that ROBAC can significantly reduce administration complexity for Web and Internet-based applications involving a large number of organizations. Some administrative issues for ROBAC are identified and discussed. Although the theoretical-expressive power of ROBAC is the same as that of RBAC, it is more succinct and intuitive to use ROBAC than to use RBAC when applications involve many organizations
Keywords :
authorisation; RBAC; ROBAC; role and organization based access control; Access control; Business; Degradation; Educational institutions; Internet; Large-scale systems; Permission; Scalability; Security; Terminology; RBAC; ROBAC; access control; role and organization based access control;
Conference_Titel :
Collaborative Computing: Networking, Applications and Worksharing, 2006. CollaborateCom 2006. International Conference on
Conference_Location :
Atlanta, GA
Print_ISBN :
1-4244-0429-0
Electronic_ISBN :
1-4244-0429-0
DOI :
10.1109/COLCOM.2006.361879
