Development of a Flexible Access Control Design by Extending RBAC

Role-based access control (RBAC) has received much attention for more than a decade as one of the most attractive solutions for access control in Web-based information systems. However, its characteristics are often not suitable for a changing organization that requires a flexible structure. To address this limitation, it may be necessary to add more flexibility to access control mechanisms. To this end, we propose new extended access control mechanisms incorporating three authentication dimensions based on user, department, and role. We then demonstrate that the proposed mechanisms can improve utilization of a Web-based knowledge-sharing system.
