Toward an improved RBAC model for the organic organization

For the smooth and efficient business within the organization of an enterprise today, it is required to utilize the information processing system by using computers, for which the most important factor for the security of organization is the access control for resources. Many access control methods have been studied including DAC and MAC. The role based access control (RBAC), which is based on role, is spotlighted today, and many models have been studied. However, most RBAC models support the bureaucratic organization structure that is mechanical, static, ordinary and of clear vertical relationships. This paper studies the characteristics of the adhocracy organization and the RBAC model to support the adhocracy organization structure that is organic, dynamic and extraordinary such as matrix organization or task force team.

[1]  Horst F. Wedde,et al.  Modular authorization , 2001, SACMAT '01.

[2]  Ramaswamy Chandramouli,et al.  Role-Based Access Control Features in Commercial Database Management Systems , 1998 .

[3]  Roshan K. Thomas,et al.  Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments , 1997, RBAC '97.

[4]  Emil C. Lupu,et al.  Reconciling role based management and role based access control , 1997, RBAC '97.

[5]  Joon S. Park,et al.  Access control mechanisms for inter-organizational workflow , 2001, SACMAT '01.

[6]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[7]  David R. Kuhn,et al.  Role-Based Access Control (RBAC): Features and Motivations | NIST , 1995 .

[8]  Ravi S. Sandhu,et al.  Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management , 1997, DBSec.

[9]  Sushil Jajodia,et al.  Flexible support for multiple access control policies , 2001, TODS.

[10]  Roshan K. Thomas,et al.  Flexible team-based access control using contexts , 2001, SACMAT '01.

[11]  David F. Ferraiolo,et al.  Role Based Access Control for the World Wide Web , 1997 .

[12]  Sujeet Shenoi,et al.  Security policy coordination for heterogeneous information systems , 1999, Proceedings 15th Annual Computer Security Applications Conference (ACSAC'99).

[13]  Seog Park,et al.  Task-Role Based Access Control (T-RBAC): An Improved Access Control Model for Enterprise Environment , 2000, DEXA.