Browse > Article
http://dx.doi.org/10.9708/jksci.2022.27.09.131

A Flexible Attribute-based RBAC Model  

Kim, Si-Myeong (Department of Computer Science and Engineering, Dongguk University)
Han, Sang-Hoon (Dept. of Computer Information Security, Korea National University of Welfare)
Abstract
In this paper, we propose an FA-RBAC (FA-RBAC) model based on flexible properties. This model is assigned attribute-role-centric, making it easy to manage objects, as efficient as access control, and as the network environment changes, it can provide flexible access control. In addition, fine-grained permissions and simple access control can be achieved while balancing the advantages and disadvantages of the RBAC and ABAC models, reducing the number of access control rules by combining static attribute-based roles and dynamic attribute-based rules, and verifying the validity and performance benefits of the proposed model through comparison analysis and simulation.
Keywords
RBAC; access control; Attibute; Permission; FA-RBAC;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Yan Xuexiong, Wang Qinxian, Xu Changzheng,"A Multiple Hierarchies RBAC Model",2010 International Conference on Communications and Mobile Computing,24 May 2010,pp 57-60, https://doi.org/10.1109/CMC.2010.117   DOI
2 X. Zhang, Y. Li and D. Nalla, "An attribute-based access matrix model", Proceedings of the 2005 ACM Symposium on Applied Computing, (2005), pp. 359-363. https://doi.org/10.1145/1066677.1066760   DOI
3 Jiwan Ninglekhu, Ram Krishnan "AARBAC: Attribute-Based Administration of Role-Based Access Control", 2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC), IEEE, 15-17 Oct. 2017, DOI: 10.1109/CIC.2017.00027   DOI
4 M. A. C. Dekker,J. G. Cederquist,J. Crampton,S. Etalle,"Extended privilege inheritance in RBAC", ASIACCS '07: Proceedings of the 2nd ACM symposium on Information, computer and communications security,March 2007, pp 383-385. https://doi.org/10.1145/1229285.1229335   DOI
5 B. Malek and A. Miri, "Combining Attribute-Based and Access System", Proceedings of the 12th IEEE International Conference on Computational Science and Engineering, (2009), pp. 305-312. DOI: 10.1109/CSE.2009.157   DOI
6 S. Oh and S. Park, "Task-role-based Access Control Model", Information System, vol. 28, (2003), pp. 533-562. https://doi.org/10.1016/S0306-4379(02)00029-7   DOI
7 J. Park and R. Sandhu, "Towrads usage control models: beyond traditional access control", Proceeding of the 7th ACM Symposium on Access Control Models and Technologies (SACMAT' 02), Monterey, California, USA, (2002), pp. 57-64. https://doi.org/10.1145/507711.507722   DOI
8 Matthew W Sanders,Chuan Yue, "Mining least privilege attribute based access control policies", JACSAC '19: Proceedings of the 35th Annual Computer Security Applications Conference December 2019, pp 404-416. https://doi.org/10.1145/3359789.3359805   DOI
9 Bernhard J. Berger,Christian Maeder,RoDyRigue Wete Nguempnang, Karsten Sohr,Carlos Rubio-MeDyRano(Less) "Towards Effective Verification of Multi-Model Access Control Properties"Proceedings of the 24th ACM Symposium on Access Control Models and Technologies, pp 149-160, May 2019. https://doi.org/10.1145/3322431.3325105   DOI
10 Yingying Yu, Yan Chen, Yuqin Wen,"Task-role based access control model in logistics management system"Proceedings of 2013 IEEE International Conference on Service Operations and Logistics, and Informatics,26 September 2013,pp 130-135. DOI: 10.1109/SOLI.2013.6611396   DOI
11 E. Bertino, P. Bonatti and E.Ferrari, "TRBAC: A Temporal Role-Based Access Control Model", ACM Transactions on Information and System Security, vol.4, no. 3, August 2001, pp. 191-223. https://doi.org/10.1145/501978.501979   DOI
12 Ravi S StAndhu, Edward j. Coyne, Hal L. Feinstein and Charles E. Youman," Role-based Access Control Model", IEEE, pp.38-47, Feb, 1996, DOI: 10.1109/2.485845   DOI
13 Ezedin Barka and Ravi StAnhu, "Framework for Role-based Delegation Model and Some Extensions",Proceedings of the 23rd NIST-NCSC National Information Systems Security Conference, pp.101-114, Baltimore,UStA, October,2000, DOI: 10.1109/ACSAC.2000.898870   DOI
14 Ravi Sandhu, " Role activation hierarchies" RBAC '98: Proceedings of the third ACM workshop on Role-based access controlOctober 1998 Pages 33-40, https://doi.org/10.1145/286884.286891   DOI
15 Zhang L, Ahn .G.J and Chun B.T, "A Rule-based Framework for Role-based Delegation Revocation", ACM TranStActions on Information and System Security , Vol.6, No.3, pp404-441, August, 2003, https://doi.org/10.1145/373256.373289   DOI
16 Tahmina Ahmed, Ravi StAndhu "Classifying and Comparing Attribute-Based and Relationship-Based Access Control" Conference: the Seventh ACM, March 2017. https://doi.org/10.1145/3029806.3029828   DOI
17 D. R. Kuhn, E. J. Coyne and T. R. Weil, "Adding attributes to role-based access control", Computer, vol. 6, (2010), pp. 79-81. DOI: 10.1109/MC.2010.155   DOI