Abstract
Role-Based Access Control is an access control scheme born to accommodate organizational access control policies. Despite RBAC is widely used, it presents some handicaps when accommodating the natural user progression within a system: from low access privileges, when the user is new in the system, to higher access privileges as the user experience grows. In this paper, we build on FRBAC to propose an RBAC-like intra-role user progression scheme inspired in role playing games. User progression will result in progressive abilities acquisition and enhancing, enhancing RBAC with more expressive access control policies.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Adams, E.: Fundamentals of Game Design, 2nd edn. New Riders Publishing (2009)
Bonatti, P., Duma, C., Olmedilla, D., Shahmehri, N.: An integration of reputation-based and policy-based trust management. In: Semantic Web and Policy Workshop (in conjunction with 4th International Semantic Web Conference) (2005)
Chakraborty, S., Ray, I.: Trustbac: integrating trust relationships into the rbac model for access control in open systems. In: Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies (SACMAT 2006), pp. 49–58. ACM (2006)
Cheng, P.-C., Rohatgi, P., Keser, C., Karger, P.A., Wagner, G.M., Reninger, A.S.: Fuzzy multi-level security: An experiment on quantified risk-adaptive access control. In: Proceedings of the 2007 IEEE Symposium on Security and Privacy, pp. 222–230. IEEE Computer Society (2007)
Dovrolis, C., Ramanathan, P.: A case for relative differentiated services and the proportional differentiation model. IEEE Network 13(5), 26–34 (1999)
Ferraiolo, D.F., Kuhn, R.D., Chandramouli, R.: Role-Based Access Control, 2nd edn. Artech House, Inc. (2007)
Ferraiolo, D.F., Sandhu, R.S., Gavrila, S.I., Richard Kuhn, D., Chandramouli, R.: Proposed NIST standard for role-based access control. ACM Transactions on Information Systems Security 4(3), 224–274 (2001)
Klir, G.J., Yuan, B.: Fuzzy sets and fuzzy logic: theory and applications. Prentice-Hall, Inc. (1995)
Martínez-García, C., Navarro-Arribas, G., Borrell, J.: Fuzzy role-based access control. Information Processing Letters 111, 483–487 (2011)
Mezzetti, N.: A Socially Inspired Reputation Model. In: Katsikas, S.K., Gritzalis, S., López, J. (eds.) EuroPKI 2004. LNCS, vol. 3093, pp. 191–204. Springer, Heidelberg (2004)
Moyer, M.J., Covington, M.J., Ahamad, M.: Generalized role-based access control for securing future applications. In: 23rd National Information Systems Security Conference, NISSC 2000 (2000)
Takabi, H., Amini, M., Jalili, R.: Trust-based user-role assignment in role-based access control. In: ACS/IEEE International Conference on Computer Systems and Applications, pp. 807–814. IEEE Computer Society (2007)
Woo, J.W., Hwang, M.J., Lee, C.G., Youn, H.Y.: Dynamic role-based access control with trust-satisfaction and reputation for multi-agent system. In: 2010 IEEE 24th International Conference on Advanced Information Networking and Applications Workshops (WAINA), pp. 1121–1126 (2010)
Yong, H.: Reputation and role based access control model for multi-domain environments. In: 2010 International Symposium on Intelligence Information Processing and Trusted Computing (IPTC), pp. 597–600 (2010)
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Martínez-García, C., Navarro-Arribas, G., Borrell, J. (2012). Intra-role Progression in RBAC: An RPG-Like Access Control Scheme. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cuppens-Boulahia, N., de Capitani di Vimercati, S. (eds) Data Privacy Management and Autonomous Spontaneus Security. DPM SETOP 2011 2011. Lecture Notes in Computer Science, vol 7122. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28879-1_15
Download citation
DOI: https://doi.org/10.1007/978-3-642-28879-1_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-28878-4
Online ISBN: 978-3-642-28879-1
eBook Packages: Computer ScienceComputer Science (R0)