Li, Min and Wang, Hua and Plank, Ashley and Yong, Jianming (2008) Advanced permission-role relationship in role-based access control. In: ACISP 2008:13th Australasian Conference on Information Security and Privacy , 7-9 Jul 2008, Wollongong, Australia.
Metadata
| HTML Citation | EndNote | MODS | Dublin Core | Reference Manager |
Full text available as:
![[img]](/style/images/fileicons/application_pdf.png)
| PDF (Author's version) - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader 258Kb | |
| PDF (Documentation) - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader 297Kb |
Official URL: http://www.springerlink.com/content/r24412lhh3167432/fulltext.pdf
Identification Number or DOI: doi: 10.1007/978-3-540-70500-0-29
Abstract
Permission-role assignment is an important issue in role-based access control (RBAC). There are two types of problems that may arise in permission-role assignment. One is related to authorization granting process. Conflicting permissions may be granted to a role, and as a result, users with the role may have or derive a high level of authority. The other is related to authorization revocation. When a permission is revoked from a role, the role may still have the permission from other roles. In this paper, we discuss granting and revocation models related to mobile and immobile memberships between permissions and roles, then provide proposed authorization granting algorithm to check conflicts and help allocate the permissions without compromising the security. To our best knowledge, the new revocation models, local and global revocation, have not been studied before. The local and global revocation algorithms based on relational algebra and operations provide a rich variety. We also apply the new algorithms to an anonymity scalable payment scheme.
| Item Type: | Conference or Workshop Item (Commonwealth Reporting Category E) (Paper) |
|---|---|
| Additional Information: | Deposited in accordance with the copyright policy of the publisher. Copyright 2008 Springer. This is the authors' version of the work. It is posted here with permission of the publisher for your personal use. No further distribution is permitted. The item is also available in Lecture Notes in Computer Science v. 5107 at http://www.springerlink.com |
| Uncontrolled Keywords: | RBAC; role-based access control; permission-role assignment |
| Fields of Research (FOR2008): | 08 Information and Computing Sciences > 0806 Information Systems > 080604 Database Management 08 Information and Computing Sciences > 0803 Computer Software > 080303 Computer System Security 08 Information and Computing Sciences > 0806 Information Systems > 080608 Information Systems Development Methodologies |
| Subjects: | 280000 Information, Computing and Communication Sciences > 280100 Information Systems 280000 Information, Computing and Communication Sciences > 280100 Information Systems > 280108 Database Management |
| Socio-Economic Objective (SEO2008): | E Expanding Knowledge > 97 Expanding Knowledge > 970108 Expanding Knowledge in the Information and Computing Sciences |
| ID Code: | 4246 |
| Deposited By: | |
| Deposited On: | 02 Jul 2008 14:38 |
| Last Modified: | 29 Feb 2012 14:12 |
Archive Staff Only: edit this record