Research on object-oriented role-based access control model

We provide an object-oriented model for role-based access control (RBAC). In RBAC, permissions are associated with roles. Users are assigned members of roles, thereby obtaining the associated permissions. Administrators dominate the authorization of access permissions to make target resource available for users. We introduce the concept of object to provide an efficient access control mechanism for multidomains distributed system with centralized control and decentralized management of the policy controller. This model discusses static and dynamic role authorization, and further analysis of dynamic features of the model.

[1]  Ravi S. Sandhu,et al.  The ARBAC99 model for administration of roles , 1999, Proceedings 15th Annual Computer Security Applications Conference (ACSAC'99).

[2]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[3]  Edward C. Cheng,et al.  An object-oriented organizational model to support dynamic role-based access control in electronic commerce applications , 1999, Proceedings of the 32nd Annual Hawaii International Conference on Systems Sciences. 1999. HICSS-32. Abstracts and CD-ROM of Full Papers.

[4]  Chang N. Zhang,et al.  Specification and enforcement of object-oriented RBAC model , 2001, Canadian Conference on Electrical and Computer Engineering 2001. Conference Proceedings (Cat. No.01TH8555).

[5]  Ravi S. Sandhu,et al.  The RRA97 model for role-based administration of role hierarchies , 1998, Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217).