• Title/Summary/Keyword: RBAC

A Study on The Delegation of Role in Role Based Access Control (역할 기반 접근 제어에서 역할 위임에 관한 연구)

  • Lee, Hee-Kyu;Lee, Jea-Kwang
    • The KIPS Transactions:PartC / v.10C no.3 / pp.265-272 / 2003
  • RBAC is an access control mechanism for the security administration of system resources, and a technique attracting attention in commercial fields because it reduces the cost and complexity of security administration in large networks. Much research on RBAC is in progress, but several problems with the mechanism, such as the delegation of roles, have been pointed out. A person's role sometimes needs to be delegated to someone reliable for reasons such as a leave of absence, sick leave and others. But the existing RBAC standards do not define the delegation of roles. In this paper, we propose an RBAC model in which a delegator can delegate a subset of roles and permissions to a delegatee, so that more efficient access control may be available.

A Flexible Attribute-based RBAC Model

  • Kim, Si-Myeong;Han, Sang-Hoon
    • Journal of the Korea Society of Computer and Information / v.27 no.9 / pp.131-138 / 2022
  • In this paper, we propose an FA-RBAC model based on flexible properties. This model is attribute-role-centric, which makes objects easy to manage and access control efficient, and it can provide flexible access control as the network environment changes. In addition, fine-grained permissions and simple access control can be achieved while balancing the advantages and disadvantages of the RBAC and ABAC models. The number of access control rules is reduced by combining static attribute-based roles and dynamic attribute-based rules, and the validity and performance benefits of the proposed model are verified through comparative analysis and simulation.

An Implementation of Hierarchical RBAC(Role Based Access Control) API using Database (데이터베이스를 이용한 RBAC(역할기반 접근제어) 서버 API 구현)

  • Kim Jin Sik;Kim Min Young;Lee Sang-Won
    • Proceedings of the Korean Information Science Society Conference / 2005.11b / pp.199-201 / 2005
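  • RBAC (Role Based Access Control) is a method in which, when a particular user performs a particular action on some object, whether access is permitted is decided by the role that the user holds. Hierarchical RBAC is RBAC with hierarchical relationships between roles added. In this paper, we designed and implemented, using Java and a database, an API that can be used for a hierarchical RBAC server that can be easily added to other applications or that provides authentication functions on its own, together with related applications.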

Conflict analysis of RBAC in Multi-Domain Security (다중 도메인 보안에서 RBAC의 상충문제)

  • 김형찬;이동익;김형천;강정민;이진석
    • Proceedings of the Korean Information Science Society Conference / 2003.10a / pp.625-627 / 2003
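  • The role-based access control (RBAC) model is currently applied in many computing environments because of its ease of management, its flexibility in applying policy, and its policy neutrality. However, most previously studied RBAC models assume a single security administration, which causes problems when designing access control for recent collaborative computing environments. In this paper, we map the collaborative computing environment to Multi-Domain Security and examine the problems that can arise from applying RBAC without properly considering the collaborative environment.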

Implementation of RBAC System on MLS-Linux OS (다중등급보안 리눅스 기반의 RBAC 시스템 구현)

  • 김대중;김현정;김정래;박태규;조인구;임연호
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference / 2001.11a / pp.33-38 / 2001
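  • Role-based access control (RBAC) provides robustness and flexibility compared with discretionary access control and mandatory access control. RBAC has therefore recently attracted much interest in financial systems, hospital systems and similar settings. In this paper, we show the implementation of a multi-level RBAC system that can securely process the banking operations of a virtual bank over the Internet, using a Multi-Level Security (MLS) Linux whose security has been certified.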

An Advanced Permission-Based Delegation Model in RBAC (RBAC을 기반으로 하는 향상된 권한 위임 모델)

  • Kim, Tae-Shik;Chang, Tae-Mu
    • The KIPS Transactions:PartC / v.13C no.6 s.109 / pp.725-732 / 2006
  • RBAC (Role-Based Access Control) has advantages in managing access controls, because it offers role inheritance and separation of duty in role hierarchy structures. However, RBAC does not effectively process the delegation of permissions, which occurs frequently in the real world. This paper proposes an Advanced Permission-Based Delegation Model (APBDM) that guarantees permanency of delegated permissions and does not violate the security principles of least privilege and separation of duty. APBDM, based on the well-known RBAC96, supports both user-to-user and role-to-role delegation. A delegator can give a permission to a specific person, the delegatee, and the permission can be withdrawn whenever the delegator wants. Our model is analyzed and shown to be effective in the present paper.

The consistency properties for management of RBAC relationship informations on the Linux server environments (리눅스 서버 환경에서 RBAC 관계정보 관리를 위한 일관성 특성)

  • 오석균;김성열
    • Proceedings of the Korea Society for Industrial Systems Conference / 1999.05a / pp.91-96 / 1999
  • Role-Based Access Control (RBAC) is an access control mechanism that reduces the cost of administering access control policies. The Admin Tool developed for the RBAC model manages the relationship information of users and roles. To maintain the consistency of this relationship information, a set of properties defining its consistency is required. This paper describes consistency properties of relationship information for managing user and role relationships when designing security systems that apply RBAC policy in Linux server environments. It leads us to the development of a minimal set that obtains results equivalent to the consistency properties, for a more efficient Admin Tool implementation.

FuRBAC : Function-Unit Delegation On Role-Based Access Control Model (FuRBAC 모델 : 권한위임이 기능단위로 설정 가능한 역할 기반 접근제어 모델)

  • Choi, Jun-Young;Cho, Nam-Deok;Yun, E.Joong
    • Convergence Security Journal / v.6 no.4 / pp.1-9 / 2006
  • With role-based access control, access decisions are based on the roles that individual users have as part of an organization. In this paper, we propose a new RBAC model in which a user delegates a permission to another user by function-unit, for practical organizations. Function-unit delegation is safer than existing delegations in the RBAC model. The FuRBAC model also has an authentication to supervise security problems.

Study on the RBAC Model including the work concept in the CSCW environment (CSCW환경에서의 Work개념을 수용한 RBAC모델에 관한 연구)

  • 심완보
    • Proceedings of the Korea Multimedia Society Conference / 2000.11a / pp.510-513 / 2000
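  • Computer systems increasingly need to support smooth communication and the exchange and sharing of information among the many participants in work within an organization, rather than use by independent individual users. Such a computing environment is called a CSCW (Computer Supported Cooperative Work) environment, and security problems can arise in it because many members share common resources. As a way to address this, the RBAC (Role Based Access Control) concept has recently been studied to resolve the management complexity that can arise when many users use shared resources. However, in environments such as CSCW where the Work concept is important, the existing RBAC concept alone has difficulty solving the access control problem for shared resources, so this paper presents an RBAC model for the CSCW environment that introduces the Work concept into the RBAC model.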

An Implementation Method of Improved Document DRM for Preventing Information Leakage using RBAC Approach (RBAC을 이용한 정보유출 방지를 위한 보안성이 강화된 문서 DRM 구현)

  • Choi, Young Hyun;Eom, Jung Ho;Chung, Tai Myoung
    • Journal of Korea Society of Digital Industry and Information Management / v.7 no.4 / pp.57-66 / 2011
  • We implemented a document DRM applying the role based access control (RBAC) mechanism to prevent the information leakage of a document transmitted in a network environment. It must prevent access to documents not related to the user's role and duty, and must allow operations on documents, to improve security, considering the user's role and security level according to the document's importance. We improved the security of document DRM by adding an access control module applying RBAC to satisfy security requirements. Even when the user accesses a document, our system grants operation authorizations on the document according to the user's role and security level and the security attributes of RBAC. Our system prevents indiscriminate access to documents by users who are not associated with the role, and prevents damage to confidentiality and integrity.