An Administrative Model for Role-Based Access Control Using Hierarchical Namespace
暂无分享,去创建一个
Access Control is an important mechanism of information security. Role-Based Access Control is a famous access control approach with good flexibility. RBAC96 and ARBAC97 are classical RBAC models. The ARBAC97 model facilitates decentralized administration of RBAC. However, ARBAC97 has some shortcomings in the case of being used in an organization with autonomous subsidiaries. The member of an administrative role can operate directly in the role range of a junior administrative role, which violates the autonomy of subsidiaries. We propose a new model named N-RBAC to overcome this weakness. In NRBAC, roles are arranged according to a hierarchical namespace structure. Thus the role hierarchy is constructed in a local space instead of in a global space. The N-RBAC model does a better work in decentralized role administration in those organizations composed of autonomous subsidiaries.
[1] Ravi S. Sandhu,et al. An Oracle implementation of the PRA97 model for permission-role assignment , 1998, RBAC '98.
[2] Ravi S. Sandhu,et al. Role-based Administration of User-Role Assignment: The URA97 Model and its Oracle Implementation , 1999, J. Comput. Secur..
[3] Ravi S. Sandhu,et al. A model for role administration using organization structure , 2002, SACMAT '02.
[4] Ravi S. Sandhu,et al. Role-Based Access Control Models , 1996, Computer.