Thispaper describes extension of the standard RBAC model with a semantic context that canbe used in corporative information systems to express the dependence between employees'work responsibilities and system roles assigned to corresponding users. The main dierenceof the proposed model is that it allows to automate role assignment and revocation. Thisarticle contains also a safety proof for proposed semantic model.
Download file
Counter downloads: 67
- Title Semantic Role Based Access Control Model
- Headline Semantic Role Based Access Control Model
- Publesher
Tomsk State University - Issue Prikladnaya Diskretnaya Matematika - Applied Discrete Mathematics 2(16)
- Date:
- DOI
Keywords
automated role management, RBAC, автоматизация управления ролями, ролевое управление доступомAuthors
References
Джоханссон Дж. Обеспечение безопасности. Ресурсы Windows Server 2008. СПб.: Русская редакция, 2009. 544 с.
Нокс Д. Создание эффективной системы безопасности для Oracle Database 10g. М: Лори, 2007. 576 с.
Sandhu R. S., Bhamidipati V., and Munawer Q. The ARBAC97 model for role-based aministration of roles // ACM Trans. Information and Systems Security. No.2(1). NewYork: ACM Publishing, 1999. P. 105-135.
Ferraiolo D., Kuhn D., and Chandramoul R. Role Based Access Control. NewYork: ARTECH HOUSE, INC, 2003. 337 с.
Девянин П. Н. Модели безопасности компьютерных систем. Управление доступом и информационными потоками: учеб. пособие для вузов. М: Горячая линия - Телеком, 2011. 320 с.
http://csrc.nist.gov/rbac/rbacSTD-ACM.pdf - National Institute of Standards and Technology, Proposed Standard for Role-Based Access Control.
Semantic Role Based Access Control Model | Prikladnaya Diskretnaya Matematika - Applied Discrete Mathematics. 2012. № 2(16).
Download full-text version
Download fileCounter downloads: 214