The basic concept of role-based access control (RBAC) is that permissions are associated with roles and users are made members of appropriate roles thereby acquiring the roles' permissions. Using RBAC to manage RBAC provides additional convenience. The administration of RBAC can be divided into three main categories namely, user-role assignment, permission-role assignment and role-role assignment. The administration of RBAC in distributed systems presents additional challenges relative to centralized systems. The central contribution of this paper is to identify some architectures for RBAC administration in distributed systems, and to present a push-based architecture for user-role assignment. We classify the architectures based on event noti cation, system policies, system capabilities and role classi cation.
[1]
D. Richard Kuhn,et al.
Role-Based Access Control ( RBAC ) : Features and Motivations
,
2014
.
[2]
Ravi S. Sandhu,et al.
Role-Based Access Control Models
,
1996,
Computer.
[3]
Pietro Iglio,et al.
A formal model for role-based access control with constraints
,
1996,
Proceedings 9th IEEE Computer Security Foundations Workshop.
[4]
Imtiaz Mohammed,et al.
Design for dynamic user-role-based security
,
1994,
Comput. Secur..
[5]
Sylvia L. Osborn,et al.
Access Rights Administration in Role-Based Security Systems
,
1994,
DBSec.
[6]
Sebastiaan H. von Solms,et al.
The management of computer security profiles using a role-oriented approach
,
1994,
Comput. Secur..