An Administrative Model for Relationship-Based Access Control

Conference paper

DOI: 10.1007/978-3-319-20810-7_4

Part of the Lecture Notes in Computer Science book series (LNCS, volume 9149)
Cite this paper as:
Stoller S.D. (2015) An Administrative Model for Relationship-Based Access Control. In: Samarati P. (eds) Data and Applications Security and Privacy XXIX. DBSec 2015. Lecture Notes in Computer Science, vol 9149. Springer, Cham

Abstract

Relationship-based access control (ReBAC) originated in the context of social network systems and recently is being generalized to be suitable for general computing systems. This paper defines a ReBAC model, based on Crampton and Sellwood’s RPPM model, designed to be suitable for general computing systems. Our ReBAC model includes a comprehensive administrative model. The administrative model is comprehensive in the sense that it allows and controls changes to all aspects of the ReBAC policy. To the best of our knowledge, it is the first comprehensive administrative model for a ReBAC model suitable for general computing systems. The model is illustrated with parts of a sample access control policy for electronic health records in a healthcare network.

Copyright information

© IFIP International Federation for Information Processing 2015

Authors and Affiliations

  1. 1.Department of Computer ScienceStony Brook UniversityStony BrookUSA

Personalised recommendations