• DocumentCode
    3366404
  • Title

    SARBAC07: A Scoped Administration Model for RBAC with Hybrid Hierarchy

  • Author

    Zhang, Yue ; Joshi, James B D

  • Author_Institution
    Univ. of Pittsburgh, Pittsburgh
  • fYear
    2007
  • fDate
    29-31 Aug. 2007
  • Firstpage
    149
  • Lastpage
    154
  • Abstract
    Recently, administration of RBAC systems using a role-based approach has become very appealing because of the benefits that such an approach typically brings. This approach uses RBAC itself to manage RBAC policies so that the administration functions can be decentralized and made more efficient. Existing RBAC administration models, however, fail to deal with RBAC systems with hybrid hierarchy, which has been shown to be necessary to specify fine-grained RBAC policies. In this paper, we propose a Scoped Administration model for RBAC with Hybrid Hierarchy (SARBAC07) by using the notion of an administrative scope that was earlier proposed in the SARBAC model. We show that our model keeps all the advantages of the original model and can deal with more complex situations where hybrid hierarchy is needed.
  • Keywords
    authorisation; RBAC systems; SARBAC07 model; hybrid hierarchy; role-based access control; scoped administration model; Access control; Centralized control; Computer science; Computer security; Control systems; Information science; Information security; NIST; Permission;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Assurance and Security, 2007. IAS 2007. Third International Symposium on
  • Conference_Location
    Manchester
  • Print_ISBN
    0-7695-2876-7
  • Electronic_ISBN
    978-0-7695-2876-2
  • Type

    conf

  • DOI
    10.1109/IAS.2007.90
  • Filename
    4299766
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3366404