Abstract
Companies today manage business information with computer systems and many users access it for their job functions. Companies need security mechanisms to effectively protect important information. Moreover they need to minimize the interruptions from security mechanisms that cause delays in the execution of business activities. It is a difficult problem. In this paper we analyze the requirements of access control in enterprise environment and propose classifications for job functions. We propose a improved access control model for enterprise environment through integration of role based access control and activity based access control model.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
C.P. Pfleeger: Security in Computing, second edition, Prentice-Hall International Inc. (1997)
E.G. Amoroso: Fundamentals of Computer Security Technology, PTR Prentice Hall (1994) 253–257
E. Bertino, E. Ferrari, V. Atluri: A Flexible Model Supporting the Specification and Enforcement of Role-based Authorization in Workflow Management Systems, Proc. of 2nd ACM Workshop on Role-Based Access Control (1997)
Dagstull, G. Coulouris, J. Dollimore: A Security Model for Cooperative work: a model and its system implications, Position paper for ACM European SIGOPS Workshop, September (1994)
R.S. Sandhu, P. Samarati: Access Control: Principles and Practice, IEEE Communication Magazine, Sep. (1994) 40–48
R.S. Sandhu, E.J. Coyne, H.L. Feinstein, C.E. Youman: Role-Based Access Control Method, IEEE Computer, vol. 29, Feb. (1996)
D. Ferraio, J. Cugini, R. Kuhn: Role-based Access Control (RBAC): Features and motivations, Proc. of 11th Annual Computer Security Application Conference, Dec. (1995)
W.K. Huang, V. Atluri: SecureFlow: A Secure Web-enabled Workflow Management System, Proc. of 4th ACM Workshop on Role-Based Access Control (1999)
M.S. Oliver, R.P. Reit, E. Gudes: Specifying Application-level Security in Workflow Systems, Proc. of 9’th International Workshop on Database and Expert Systems Applications (1998)
R.K. Thomas: Team-based Access Control (TMAC):A Primitive for Applying Role-based Access Controls in Collaborative Environment, Proc. of 2nd ACM Workshop on Role-Based Access Control (1997)
R.K. Thomas, R.S. Sandhu: Task-based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-oriented Authorization Management, Proc. of the IFTP WG11.3 Workshop on Database Security (1997)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Oh, S., Park, S. (2000). Task-Role Based Access Control (T-RBAC): An Improved Access Control Model for Enterprise Environment. In: Ibrahim, M., Küng, J., Revell, N. (eds) Database and Expert Systems Applications. DEXA 2000. Lecture Notes in Computer Science, vol 1873. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44469-6_25
Download citation
DOI: https://doi.org/10.1007/3-540-44469-6_25
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-67978-3
Online ISBN: 978-3-540-44469-5
eBook Packages: Springer Book Archive