Role-based access control: a multi-dimensional view

Recently there has been considerable interest in role-based access control (RBAC) as an alternative, and supplement, to the traditional discretionary and mandatory access controls (DAC and MAC) embodied in the Orange Book. The roots of RBAC can be traced back to the earliest access control systems. Roles have been used in a number of systems for segregating various aspects of security and system administration. Recent interest in RBAC has been motivated by the use of roles at the application level to control access to application data. This is an important innovation which offers the opportunity to realize benefits in securing an organization's information assets, similar to the benefits of employing databases instead of files as the data repository. A number of proposals for RBAC have been published in the literature, but there is no consensus on precisely what is meant by RBAC. This paper lays the groundwork for developing this consensus. In our view RBAC is a concept which has several dimensions, all of which may not be present in a given system or product. We envisage each dimension as being linearly ordered with respect to the sophistication of features provided. This leads us to the idea of a multi-dimension model for RBAC. Achieving agreement on what these dimensions are, and how the features in each dimension should be ordered, will take debate and time. Our contribution here is to lay out a vision on how to approach a common understanding of RBAC, and take a first cut at identifying the dimensions of RBAC. A major benefit of such a multidimensional RBAC would be to allow comparison of different products and assess their appropriateness for various system requirements.<<ETX>>

[1]  Frederick H. Lochovsky,et al.  Role-Based Security in Data Base Management Systems , 1988, DBSec.

[2]  James G. Williams,et al.  Toward a universal integrity model , 1991, Proceedings Computer Security Foundations Workshop IV.

[3]  T. C. Ting A User-Role Based Data Security Approach , 1988, Database Security.

[4]  Dan Thomsen,et al.  Role-Based Application Design and Enforcement , 1990, Database Security.

[5]  Ravi S. Sandhu,et al.  Separation of Duties in Computerized Information Systems , 1990, DBSec.

[6]  William T. Polk,et al.  Security Issues in the Database Language SQL , 1993 .

[7]  Ravi S. Sandhu,et al.  A Three Tier Architecture for Role-Based Access Control , 1994 .

[8]  Ravi S. Sandhu,et al.  The NTree: a two dimension partial order for protection groups , 1988, TOCS.

[9]  Ravi Sandhu,et al.  Transaction control expressions for separation of duties , 1988, [Proceedings 1988] Fourth Aerospace Computer Security Applications.

[10]  David D. Clark,et al.  A Comparison of Commercial and Military Computer Security Policies , 1987, 1987 IEEE Symposium on Security and Privacy.

[11]  R.W. Baldwin,et al.  Naming and grouping privileges to simplify security management in large databases , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[12]  Teresa F. Lunt Access control policies: Some unanswered questions , 1989, Comput. Secur..