An experimental study of ERBAC03 for access control administration

Author

Yenmunkong, Burin ; Sathitwiriyawong, Chanboon

Author_Institution

Res. Center for Commun. & Inf. Technol., King Mongkut´´s Inst. of Technol., Bangkok, Thailand

Volume

B

fYear

2004

fDate

21-24 Nov. 2004

Firstpage

57

Abstract

This paper proposes an extension of the conventional role-based access control (RBAC model) called enhanced role-based access control or ERBAC03 model. The model is developed for the role-based access control of information system resources in large organizations that have many branches. Each branch consists of many users with different roles. It is related to a specified static separation of duty constraint in order to prevent fraud of users. We analyze the result of RBAC and ERBAC03 models by a number of experiments based on users´ locations. The result proves that the proposed ERBAC03 model eliminates the inaccuracy of access control administration that has incurred in the conventional RBAC model. Any conflicting role is not allowed to be added to the associated database tables.

Keywords

authorisation; constraint theory; database management systems; ERBAC03; access control administration; associated database table; duty constraint; enhanced role-based access control; information system resource; static separation; users location; Access control; Databases; Environmental management; Information systems; Information technology; Mathematical model; NIST; Permission; Security;

fLanguage

English

Publisher

ieee

Conference_Titel

TENCON 2004. 2004 IEEE Region 10 Conference

Print_ISBN

0-7803-8560-8

Type

conf

DOI

10.1109/TENCON.2004.1414530

Filename

1414530