Abstract

User role-based protection presents a flexible (hence adaptive) means for enforcing differing ranges of security policies. It can emulate both mandatory and discretionary access control modes of protection. Role-based protection enforces the principle of least privilege, hence minimizing the risk of Trojan horse attacks. This paper offers a glimpse into the strengths (and some weaknesses) of role-based protection, the structures for its enforcement and pointers to the direction for future research.