AdOrBAC: an administration model for Or-BAC

11 years 5 months ago
AdOrBAC: an administration model for Or-BAC
Even though the final objective of an access control model is to provide a framework to decide if actions performed by subjects on objects are permitted or not, it is not convenient to directly specify an access control policy using concepts of subjects, objects and actions. This is why the Role Based Access Control (RBAC) ggests using the concept of role as a more abstract concept than subject to specify a policy. The Organization Based Access Control (Or-BAC) model further generalizes the RBAC model by introducing the of activity and view as abstractions of action and object. In the Or-BAC model, it is also possible to specify privileges that only apply in some given contexts. In this paper, we present AdOr-BAC, an administration model for Or-BAC. This model is fully homogeneous with the remainder of Or-BAC. AdOr-BAC can control assignment of user to role (User Role Administration), assignment of permission to role (Permission Role Administration) and assignment of user to permissio...
Frédéric Cuppens, Alexandre Mi&egrav
Added 17 Dec 2010
Updated 17 Dec 2010
Type Journal
Year 2004
Where CSSE
Authors Frédéric Cuppens, Alexandre Miège
Comments (0)