Trust-Aware RBAC

  • Conference paper
Computer Network Security (MMM-ACNS 2012)

Part of the book series: Lecture Notes in Computer Science (LNCCN, volume 7531)

Abstract

In this paper we propose a trust-aware enhancement of RBAC (TA-RBAC) that explicitly takes the trustworthiness of users into consideration before granting access. We assume that each role in the framework is associated with an expression that describes the trustworthiness of subjects required to activate the role, and that each subject (user) has an assigned trustworthiness level in the system. By adding trustworthiness constraints to roles we enhance the system with, for example, a more flexible ability to delegate roles and to control reading/updating of objects by denying such operations to those subjects that violate the trustworthiness requirements.

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Oleshchuk, V. (2012). Trust-Aware RBAC. In: Kotenko, I., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2012. Lecture Notes in Computer Science, vol 7531. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33704-8_9

  • DOI: https://doi.org/10.1007/978-3-642-33704-8_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-33703-1

  • Online ISBN: 978-3-642-33704-8

  • eBook Packages: Computer Science, Computer Science (R0)
