Abstract
Role-based access control (RBAC) can be used to design a security system for on-line applications. The Role Graph Model is the only RBAC system which has the notion of a group graph. We show how using the group graph to assign users to groups rather than directly to roles helps with this security design. We also show how a machine-learning based classifier can be used to do user-group assignment.
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sheng, S., Osborn, S.L. (2004). A Classifier-Based Approach to User-Role Assignment for Web Applications. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2004. Lecture Notes in Computer Science, vol 3178. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30073-1_12
DOI: https://doi.org/10.1007/978-3-540-30073-1_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22983-4
Online ISBN: 978-3-540-30073-1
eBook Packages: Springer Book Archive