Administration in role-based access control

13 years 2 days ago
Administration in role-based access control
Administration of large-scale RBAC systems is a challenging open problem. We propose a principled approach in designing and analyzing administrative models for RBAC. We identify six design requirements for administrative models of RBAC. These design requirements are motivated by three principles for designing security mechanisms: (1) flexibility and scalability, (2) psychological acceptability, and (3) economy of mechanism. We then use these requirements to analyze several approaches to RBAC administration, including ARBAC97 [21, 23, 22], SARBAC [4, 5], and the RBAC system in the Oracle DBMS. Based on these requirements and the lessons learned in analyzing existing approaches, we design UARBAC, a new family of administrative models for RBAC that has significant advantages over existing models.
Ninghui Li, Ziqing Mao
Added 07 Jun 2010
Updated 07 Jun 2010
Type Conference
Year 2007
Where CCS
Authors Ninghui Li, Ziqing Mao
Comments (0)