Publication | Closed Access
A model for role administration using organization structure
137
Citations
11
References
2002
Year
Unknown Venue
Rbac AdministrationEngineeringInformation SecurityHuman Resource ManagementOrganizational BehaviorLogical Access ControlAccess MethodManagementAccess ControlRole AdministrationTrusted Operating SystemComputer ScienceOrganizational CommunicationOrganizational StructureOrganizational ModelBusinessRole-based Access ControlAuthentication Access ControlAuthorization Policies
Role‑based access control is a widely accepted model for enterprise security, but administering it efficiently remains a challenge, especially in large organizations where solutions like ARBAC97 rely on role ranges and prerequisite conditions. The authors propose ARBAC02, an improved role‑administration model designed to address the shortcomings of ARBAC97. ARBAC02 assigns new users and permission pools to organization units independent of role hierarchy, refines prerequisite conditions, and adopts a bottom‑up permission‑role administration approach.
Role-based access control (RBAC) is recognized as an excellent model for access control in an enterprise environment. In large enterprises, effective RBAC administration is a major issue. ARBAC97 is a well-known solution for decentralized RBAC administration. ARBAC97 authorizes administrative roles by means of role ranges' and prerequisite conditions'. Although attractive and elegant in their own right, we will see that these mechanisms have significant shortcomings.We propose an improved role administration model named ARBAC02 to overcome the weaknesses of ARBAC97. ARBAC02 adopts the organization unit for new user and permission pools independent of role or role hierarchy. It uses a refined prerequisite condition. In addition, we present a bottom-up approach to permission-role administration in contrast to the top-down approach of ARBAC97.
| Year | Citations | |
|---|---|---|
Page 1
Page 1