The A-IRBAC 2000 Model: Administrative Interoperable Role-Based Access Control

Secure interaction and interoperability between administrative domains is a major concern. For domains that utilize RBAC, Kapadia et al. proposed the IRBAC 2000 model, which can be used to establish a flexible policy for dynamic inter-domain role translations. However, there are scenarios under which the IRBAC model becomes difficult to manage. One such scenario is where interoperability is desired among large and complex role hierarchies. Another is where there is a desire to distribute the administrative authority for managing inter-domain translations between different security officers. Therefore, we introduce the Administrative IRBAC 2000 model. The A-IRBAC builds over IRBAC model by employing RBAC to manage inter-domain role translations, following the concepts outlined in ARBAC97 by Sandhu et al.

[1]  Roy H. Campbell,et al.  Dynamic Authorization Support in Large Distributed Systems , 1999 .

[2]  Ravi S. Sandhu,et al.  The ARBAC99 model for administration of roles , 1999, Proceedings 15th Annual Computer Security Applications Conference (ACSAC'99).

[3]  Ravi S. Sandhu,et al.  Rationale for the RBAC96 family of access control models , 1996, RBAC '95.

[4]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[5]  P. Metzger,et al.  Network Working Group , 2000 .

[6]  Roy H. Campbell,et al.  IRBAC 2000: Secure Interoperability Using Dynamic Role Translation , 2000, International Conference on Internet Computing.

[7]  Roy H. Campbell,et al.  Seraphim: dynamic interoperable security architecture for active networks , 2000, 2000 IEEE Third Conference on Open Architectures and Network Programming. Proceedings (Cat. No.00EX401).

[8]  Gary Scott Malkin Internet Users' Glossary , 1996, RFC.