The RRA97 Model for Role-Based Administration of Role Hierarchies

10 years 7 months ago
The RRA97 Model for Role-Based Administration of Role Hierarchies
Abstract Role-based access control RBAC has recently received a lot of attention due to its exibility, expressive power and simplicity in administration. In RBAC permissions are associated with roles and users are made members of roles thereby acquiring the associated permissions. Centralized management of RBAC in large systems is a tedious and costly task. An appealing possibility is to use RBAC itself to facilitate decentralized administration of RBAC. The recently proposed ARBAC97 administrative RBAC '97 model identi es components called URA97, PRA97 and RRA97 for administration of user-role, permission-role and role-role assignments respectively. URA97 and PRA97 have already been described in detail in the literature, whereas RRA97 has so far not been de ned. The central contribution of this paper is to give a complete and formal de nition of RRA97, thereby completing the ARBAC97 model. The e ect of rolerole assignment is to construct a role hierarchy that is, a partial order ...
Ravi S. Sandhu, Qamar Munawer
Added 04 Aug 2010
Updated 04 Aug 2010
Type Conference
Year 1998
Authors Ravi S. Sandhu, Qamar Munawer
Comments (0)