Extended RBAC Model with Task-Constraint Rules

  • Li Ma
  • Yanjie Zhou
  • Wei Duan
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 276)


RBAC model supports the principle of least privilege by the appropriate combination of roles assigned to users. However, the minimum role set is hard to find. Role hierarchy and inheritance can result in aggregating lots of permissions. To solve this problem, previous work mainly studies the approximate least privilege set by trying to find the minime role sets. However, to reduce the unnecessary privileges is another key issue to solve the problem. To this aim, the concept of task is taken as a kind of constraints introduced to the RBAC model, which contains four constraint rules that can flexibly control the permission inheritance and role activations. An example is showed the four rules can effectively be used to reduce redundanct permissions.


Access control RBAC Task Role 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Saltzer, J.H., Schroeder, M.D.: The Protection of information in computer system. Proceedings of the IEEE 63(9), 1278–1308 (1975)CrossRefGoogle Scholar
  2. 2.
    Byuens, K., Scandariato, R., Joosen, W.: Least privilege analysis in software architectures. Software and System Modeling (November 2011)Google Scholar
  3. 3.
    Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based Access Control Models. IEEE Computer 29, 38–47 (1996)CrossRefGoogle Scholar
  4. 4.
    Dong, L.J., Kang, X.J., Wang, M.C.: How to Find a Rigorous Set of Roles for Application of RBAC. Journal of Software 7(2), 398–407 (2012)CrossRefGoogle Scholar
  5. 5.
    Wei, L., Cai, J.-Y., He, Y.-P.: Implicit Authorization Analysis of Role-Based Administrative Model. Journal of Software 20(4), 1048–1057 (2009) (in Chinese)Google Scholar
  6. 6.
    ANSI INCITS 359-2004. Role Based Access Control. American National Standards Institute (2004)Google Scholar
  7. 7.
    Sandhu, R., Bhamidipati, V.: The ASCAA Principles for Next-Generation Role-Based Access Control. In: Proceedings of 3rd International Conference on Availability, Reliability and Security, Barcelona, Spain (2008)Google Scholar
  8. 8.
    Deng, J.B., Hong, F.: Task-Based Access Control Model. Journal of Software 14(1), 76–82 (2003) (in Chinese)Google Scholar
  9. 9.
    Oh, S., Park, S.: Task-role-based access control model. Information Systems 28, 533–562 (2003)MATHCrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  1. 1.School of Mathematical and Computer ScienceJiangxi Science & Technology Normal UniversityNanchangChina

Personalised recommendations