Title :
A Fine Grained RBAC Model Supporting Flexible Administrative Separation of Duty
Author :
He, Yongzhong ; Han, Zhan ; Cai, Ying
Author_Institution :
Sch. of Comput., Beijing Jiaotong Univ., Beijing, China
Abstract :
Role based access control (RBAC) model is widely used in information system for efficient management of complex access control policy. Various extensions to the basic RBAC model are proposed for different purpose. A novel extension to the basic RBAC is presented in this paper. The model proposed in this paper is characteristic of (1) flexible and fine grained access control on objects such as tuples and attributes in DBMS, (2) providing administrative separation of duty at operation level by associating one operation to several privileges, (3) providing administrative separation of duty at task level by requiring a set of prerequisite roles before role is assigned to user. Furthermore, an efficient access decision algorithm for DRBAC is presented.
Keywords :
administrative data processing; authorisation; database management systems; information management; DBMS; access decision algorithm; fine grained RBAC model; flexible administrative duty separation; role based access control; Algorithm design and analysis; Authorization; Collaboration; Computational modeling; Semantics; administrative Separation of Duty; fine-grained; prerequisite role;
Conference_Titel :
Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP), 2010 Sixth International Conference on
Conference_Location :
Darmstadt
Print_ISBN :
978-1-4244-8378-5
Electronic_ISBN :
978-0-7695-4222-5
DOI :
10.1109/IIHMSP.2010.55
