Abstract
Most DBMSs adopt the Role-Based Access Control (RBAC) model. The Administrative Role-Based Access Control (ARBAC) model aims to decentralize authority management among multiple security administrators, each of whom has a work range on the role hierarchy. One problem with this is that a legal modification of the role hierarchy may induce unexpected side effects. The Role-Role Assignment 97 (RRA97) model introduced some geometry-based integrity principles to prevent such side effects, but they are complex and ambiguous. We analyze the reasons for the shortcomings of the RRA97 model and introduce a new concept of authority range for flexible management of the role hierarchy.
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Oh, S. (2006). New Concept of Authority Range for Flexible Management of Role Hierarchy. In: Song, JS., Kwon, T., Yung, M. (eds) Information Security Applications. WISA 2005. Lecture Notes in Computer Science, vol 3786. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11604938_27
DOI: https://doi.org/10.1007/11604938_27
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-31012-9
Online ISBN: 978-3-540-33153-7
eBook Packages: Computer Science (R0)