Browse > Article
http://dx.doi.org/10.3745/KIPSTC.2005.12C.7.981

Master Integrity Principle for Effective Management of Role Hierarchy  

Oh Se-Jong (단국대학교 컴퓨터과학과)
Publication Information
The KIPS Transactions:PartC / v.12C, no.7, 2005 , pp. 981-988 More about this Journal
Abstract
Administrative Role-Based Access Control(ARBAC) is a typical model for decentralized authority management by plural security administrators. They have their work range on the role hierarchy. A problem is that legal modification of role hierarch may induce unexpected side effect. Role-Role Assignment 97(RRA97) model introduced some complex integrity principles to prevent the unexpected side effect based on geometric approach. We introduce simple and new one integrity principle based on simple set theory. It is simple and intuitive. It can substitute for all integrity principles of RRA97 model.
Keywords
Security; Access Control; Role Hierarchy; ARBAC;
Citations & Related Records
연도 인용수 순위
  • Reference
1 S.I. Gavrila, J.F. Barkley, 'Formal Specification for Role Based Access Control User/Role and Role/Role Relationship Management', Proc. of the 3rd ACM workshop on Role-Based Access Control, 1998   DOI
2 R. Sandhu, Bhamidipati, Q. Munawer, 'The ARBAC97 Model for Role-Based Administration of Roles', ACM Trans. on Information and Systems Security (TISSEC), Vol.2, 1999   DOI
3 D. Ferraio, J. Cugini, R. Kuhn, 'Role-based Access Control (RBAC) : Features and motivations', Proc. of the 11th Annual Computer Security Application Conference, 1995
4 R. Sandhu, E. Coyne, H. Feinstein, C. Youman, 'Role-Based Access Control Models', IEEE Computer, Vol.29, No.2, 1996   DOI   ScienceOn
5 R. Sandhu, 'Rationale for the RBAC96 Family of Access Control Models', Proc. of the First ACM Workshop on Role-Based Access Control, 1995   DOI
6 J. Crampton, 'On permissions, Inheritance and Hierarchies', Proc. of the 10th ACM Conference on Computer and Communication Security, 2003   DOI
7 J. Crampton, G. Loizou, 'A foundation for role-based administrative models', ACM Transactions on Information and System Security (TISSEC), 2003   DOI
8 M. Koch, L. V. Mancini, F. Parisi-Presicce, 'Administrative scope in the graph-based framework', Proc. of the ninth ACM symposium on Access control models and technologies, 2004   DOI
9 H. F. Wedde, M. Lischka, 'Cooperative role-based administration', Proc. of the eighth ACM symposium on Access control models and technologies, 2003   DOI
10 W. Yao, K. Moody, J. Bacon, 'A model of OASIS role-based access control and its support for active security', Proc. of the sixth ACM symposium on Access control models and technologies, 2001   DOI
11 J.D. Moffett, E.C. Lupu, 'The Uses of Role Hierarchies in Access Control', Proc. of the 4th ACM Workshop on Role-Based Access Control, 1999   DOI
12 R. Sandhu, Q. Munawer, 'The ARBAC99 Model for Administration of Roles', Proc. of the Annual Computer Security Applications Conference, 1999
13 J. Crampton, 'Administrative Scope and Role Hierarchies Operations', Proc. of the 7th ACM Symposium on Access Control Models and Technologies, 2002   DOI
14 R. Sandhu, Q. Munawer, 'The RRA97 Model for Role-Based Administration of Role Hierarchies', Proc. of the Annual Computer Security Applications Conference, 1998   DOI