Abstract

Role based access control (RBAC) model is naturally suitable to organizations where users are assigned organizational roles with well-defined privileges. Nowadays, many organizations and enterprises such as banks, insurance industry and utility companies, provide online services to their very large number of users. This shows that assigning users to roles is a intolerable task and maintaining user-role assignment up-to-date is costly and error-prone. Also, with the increasing number of users, RBAC may have problems in prohibiting cheat and changing roles of users. To overcome these problems, user-role assignment decision can be made based on how much we trust him/her. In this paper, we propose a model to assign users to roles based on trustworthiness which is fuzzy in nature. The proposed model uses fuzzy relation equations to compute trust values.