论文信息 - Discretionary access control with the administrative role graph model

Discretionary access control with the administrative role graph model

Previous research examining the mapping of discretionary access control (DAC) to role-based access control (RBAC) has considered neither ownership nor further granting of privileges. We show how to accomplish this by mapping from a relational database environment to the administrative role graph model (ARGM) of Wang and Osborn. The goals of the research are to determine if the ARGM has sufficient features to accomplish this mapping, and to study whether the grant operation in relational databases should be modeled as administration or as delegation. Our conclusion is that the ARGM can simulate both ownership and granting, without requiring a delegation model.

He Wang | Sylvia L. Osborn

[1] Sylvia L. Osborn,et al. On the Interaction Between Role-Based Access Control and Relational Databases , 1996, DBSec.

[2] He Wang,et al. Delegation in the role graph model , 2006, SACMAT '06.

[3] He Wang,et al. An Administrative Model for Role Graphs , 2003, DBSec.

[4] Sylvia L. Osborn,et al. Modeling users in role-based access control , 2000, RBAC '00.

[5] Ravi S. Sandhu,et al. Role-Based Access Control Models , 1996, Computer.

[6] Sylvia L. Osborn,et al. The role graph model and conflict of interest , 1999, TSEC.

[7] Ravi S. Sandhu,et al. How to do discretionary access control using roles , 1998, RBAC '98.

[8] Sylvia L. Osborn,et al. Privilege Administration for the Role Graph Model , 2002, DBSec.

[9] Sylvia L. Osborn,et al. A Design for Parameterized Roles , 2004, DBSec.