论文信息 - Role-based Administration of User-role Assignment and Its Oracle Implementation

Role-based Administration of User-role Assignment and Its Oracle Implementation

In role-based access control (RBAC) permissions are associated with roles, and users are made members of appropriate roles thereby acquiring the roles’ permissions. The principal motivation behind RBAC is to simplify administration. An appealing possibility is to use RBAC itself to manage RBAC, to further provide administrative convenience. In this paper we investigate one aspect of RBAC administration concerning assignment of users to roles. We define a role-based administrative model, called URA (User-Role Assignment), for this purpose and describe its implementation in the Oracle database management system. Although our model is quite different from that built into Oracle, we demonstrate how to use Oracle stored procedures to implement it.

Zongkai Yang | Qingtang Liu | Lilong Han

[1] Kevin Loney,et al. Oracle: The complete reference , 1990 .

[2] Imtiaz Mohammed,et al. Design for dynamic user-role-based security , 1994, Comput. Secur..

[3] Ravi S. Sandhu,et al. Rationale for the RBAC96 family of access control models , 1996, RBAC '95.

[4] Steven Feuerstein,et al. Oracle PL/SQL Programming , 1993 .

[5] Sebastiaan H. von Solms,et al. The management of computer security profiles using a role-oriented approach , 1994, Comput. Secur..

[6] Ravi S. Sandhu,et al. Role-Based Access Control Models , 1996, Computer.

[7] Pietro Iglio,et al. A formal model for role-based access control with constraints , 1996, Proceedings 9th IEEE Computer Security Foundations Workshop.