Title :
Trust-Based User-Role Assignment in Role-Based Access Control
Author :
Takabi, Hassan ; Amini, Morteza ; Jalili, Rasool
Author_Institution :
Sharif Univ. of Technol., Tehran
Abstract :
Role based access control (RBAC) model is naturally suitable to organizations where users are assigned organizational roles with well-defined privileges. Nowadays, many organizations and enterprises such as banks, insurance industry and utility companies, provide online services to their very large number of users. This shows that assigning users to roles is a intolerable task and maintaining user-role assignment up-to-date is costly and error-prone. Also, with the increasing number of users, RBAC may have problems in prohibiting cheat and changing roles of users. To overcome these problems, user-role assignment decision can be made based on how much we trust him/her. In this paper, we propose a model to assign users to roles based on trustworthiness which is fuzzy in nature. The proposed model uses fuzzy relation equations to compute trust values.
Keywords :
authorisation; fuzzy set theory; fuzzy relation equations; online services; organizational roles; role-based access control; trust-based user-role assignment; well-defined privileges; Access control; Companies; Control systems; Equations; Fuzzy set theory; Information security; Insurance; Permission; Power system modeling; Power system protection;
Conference_Titel :
Computer Systems and Applications, 2007. AICCSA '07. IEEE/ACS International Conference on
Conference_Location :
Amman
Print_ISBN :
1-4244-1030-4
Electronic_ISBN :
1-4244-1031-2
DOI :
10.1109/AICCSA.2007.370725
