Role -based access control (RBAC) has been introduced in the last few years, and offers a powerful means of specifying access control decisions. The model of RBAC usually assumes that, if there is a role hierarchy, then access rights are inherited upwards through the hierarchy. This paper examines the relationship between the inheritance properties of role hierarchies and control principles which are used in many large organisations: separation of duties; delegation; and supervision and review. It discusses possible relationships between roles and identifies three different kinds of role hierarchy. The control principles and role hierarchies are illustrated in a realistic application, and their interactions are discussed. It emerges that there may be conflict between control principles and the inheritance of access rights through a role hierarchy. Some ways in which role hierarchies can be used for safe inheritance of access rights are discussed.
[1]
Sushil Jajodia,et al.
A logical language for expressing authorizations
,
1997,
Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).
[2]
Ravi S. Sandhu,et al.
Role-Based Access Control Models
,
1996,
Computer.
[3]
Klaus R. Dittrich,et al.
Argos - A Configurable Access Control System for Interoperable Environments
,
1995,
DBSec.
[4]
T. C. Ting.
A User-Role Based Data Security Approach
,
1988,
Database Security.
[5]
James E. Rumbaugh,et al.
Object-Oriented Modelling and Design
,
1991
.
[6]
David D. Clark,et al.
A Comparison of Commercial and Military Computer Security Policies
,
1987,
1987 IEEE Symposium on Security and Privacy.