Skip to main content
SpringerLink
Log in

New Concept of Authority Range for Flexible Management of Role Hierarchy

  • Conference paper
Information Security Applications (WISA 2005)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3786))

Included in the following conference series:

  • 863 Accesses

Abstract

Most of DBMS adopt Role-Based Access Control (RBAC) model. Administrative Role-Based Access Control (ARBAC) model intends to decentralize authority management with plural security administrators. They have their work range on the role hierarchy. One problem with this is that legal modification of a role hierarchy may induce unexpected side effects. The Role-Role Assignment 97 (RRA97) model introduced some geometry-based integrity principles to prevent unexpected side effects. They are complex and ambiguous. We analyze the reasons of shortcoming of RRA97 model, and introduce a new concept of authority range for flexible management of role hierarchy.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Sandhu, R.: Rationale for the RBAC 1996 Family of Access Control Models. In: Proc. of ACM Workshop on Role-Based Access Control (1995)

    Google Scholar 

  2. Ferraio, D., Cugini, J., Kuhn, R.: Role-based Access Control (RBAC): Features and motivations. In: Proc. of 11th Annual Computer Security Application Conference (1995)

    Google Scholar 

  3. Sandhu, R., Coyne, E., Feinstein, H., Youman, C.: Role-Based Access Control Models. IEEE Computer 29(2) (1996)

    Google Scholar 

  4. Gavrila, S.I., Barkley, J.F.: Formal Specification for Role Based Access Control User/Role and Role/Role Relationship Management. In: Proc. of the 3rd ACM workshop on Role-Based Access Control (1998)

    Google Scholar 

  5. Sandhu, R., Bhamidipati, Munawer, Q.: The ARBAC97 Model for Role-Based Administration of Roles. ACM Trans. on Information and Systems Security (TISSEC) 2 (1999)

    Google Scholar 

  6. Sandhu, R., Munawer, Q.: The ARBAC99 Model for Administration of Roles. In: Proc. of Annual Computer Security Applications Conference (1999)

    Google Scholar 

  7. Sandhu, R., Munawer, Q.: The RRA97 Model for Role-Based Administration of Role Hierarchies. In: Proc. of Annual Computer Security Applications Conference (1998)

    Google Scholar 

  8. Crampton, J., Loizou, G.: Administrative scope: A foundation for role-based administrative models. ACM Transactions on Information and System Security (TISSEC) 6(2) (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dept. of Computer Science, Dankook University, San 29 Anseo-dong, Cheonan, 330-714, Korea

    Sejong Oh

Authors
  1. Sejong Oh
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, Yonsei University, Shinchon-Dong, 134, Seodaemun-gu, 120-749, Seoul, Korea

    Joo-Seok Song

  2. School of Computer Science and Engineering, Seoul National University,  

    Taekyoung Kwon

  3. Computer Science Department, Google Inc. and Columbia University, 1214 Amsterdam Avenue, 10027, New York, NY, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Oh, S. (2006). New Concept of Authority Range for Flexible Management of Role Hierarchy. In: Song, JS., Kwon, T., Yung, M. (eds) Information Security Applications. WISA 2005. Lecture Notes in Computer Science, vol 3786. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11604938_27

Download citation

  • DOI: https://doi.org/10.1007/11604938_27

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-31012-9

  • Online ISBN: 978-3-540-33153-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation