Abstract
Role-based access control (RBAC) can be used to design a security system for on-line applications. The Role Graph Model is the only RBAC system which has the notion of a group graph. We show how using the group graph to assign users to groups rather than directly to roles helps with this security design. We also show how a machine-learning based classifier can be used to do user-group assignment.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Al-Kahtani, M.A., Sandhu, R.: A model for attribute-based user-role assignment. In: ACSAC 2002 (2002)
Al-Kahtani, M.A., Sandhu, R.: Induced role hierarchies with attributebased rbac. In: Proceedings ACM SACMAT (2003)
Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST standard for role-based access control. ACM TISSEC 4(3), 224–275 (2001)
Herzberg, A., Mass, Y., Mihaeli, J.: Access control meets public key infrastructure, or: Assigning roles to strangers. In: IEEE Symposium on Security and Privacy (May 2000)
Ionita, C.M., Osborn, S.L.: Privilege administration for the role graph model. In: Research Directions in Data and Applications Security, Proc. IFIP WG11.3 Working Conference on Database Security, pp. 15–25. Kluwer Academic Publishers, Dordrecht (2003)
Mitchell, T.: Machine Learning. McGraw-Hill, New York (1997)
Nyanchama, M., Osborn, S.L.: Access rights administration in rolebased security systems. In: Biskup, J., Morgenstern, M., Landwehr, C.E. (eds.) Database Security, VIII, Status and Prospects WG11.3 Working Conference on Database Security, pp. 37–56. North-Holland, Amsterdam (1994)
Nyanchama, M., Osborn, S.L.: The role graph model and conflict of interest. ACM TISSEC 2(1), 3–33 (1999)
Osborn, S., Guo, Y.: Modeling users in role-based access control. In: Fifth ACM Workshop on Role-Based Access Control, Berlin, Germany, July 2000, pp. 31–38 (2000)
Sylvia, L.: Osborn, Yan Han, and Liu. A methodology for managing roles in legacy systems. In: Proc. 8th ACM SACMAT, June 2003, pp. 33–40 (2003)
Oh, S., Sandhu, R.: A model of role administration using organization structure. In: Proc. 7th ACM SACMAT, pp. 155–162 (2002)
Sandhu, R., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Computer 29, 38–47 (1996)
Wang, H., Osborn, S.: An administrative model for role graphs. In: Proc. IFIP WG11.3 Working Conference on Database Security, Estes Park, Colorado (2003)
Zhong, Y., Bhargava, B., Mahoui, M.: Trustworthiness based authorization on WWW. In: IEEE workshop on Security in Distributed Data Warehousing (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sheng, S., Osborn, S.L. (2004). A Classifier-Based Approach to User-Role Assignment for Web Applications. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2004. Lecture Notes in Computer Science, vol 3178. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30073-1_12
Download citation
DOI: https://doi.org/10.1007/978-3-540-30073-1_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22983-4
Online ISBN: 978-3-540-30073-1
eBook Packages: Springer Book Archive