Hybrid Role and Attribute Based Access Control Applied in Information Systems

2021 ◽  
Vol 21 (3) ◽  
pp. 85-96
Author(s):  
Maria Penelova

Abstract: In this paper a new access control model is proposed – Hybrid Role and Attribute Based Access Control (HRABAC). It is an extension of Role-Based Access Control (RBAC). HRABAC is designed for information systems and enterprise software and combines the advantages of RBAC and Attribute-Based Access Control (ABAC). HRABAC is easily configurable, fine-grained and supports role hierarchies. The proposed model HRABAC describes the access control scheme in the Laravel package laravelroles/rolespermissions, which was developed by the author of the paper as an answer to the practical requirement for a fine-grained and easily configurable access control solution. Laravel was chosen because it is the most popular and the most widely used PHP framework. The package laravelroles/rolespermissions is developed on Laravel so that the maximum number of programmers can use it. This package contains working and tested functionalities for managing users, roles and permissions, and it is applied in an accounting information system.

2019 ◽  
Vol 28 (01) ◽  
pp. 1950003 ◽  
Author(s):  
Nicolas Mundbrod ◽  
Manfred Reichert

The proper management of privacy and security constraints in information systems in general and access control in particular constitutes a tremendous, but still prevalent challenge. Role-based access control (RBAC) and its variations can be considered as the widely adopted approach to realize authorization in information systems. However, RBAC lacks a proper object-specific support, which disallows establishing the fine-grained access control required in many domains. By comparison, attribute-based access control (ABAC) enables a fine-grained access control based on policies and rules evaluating attributes. As a drawback, ABAC lacks the abstraction of roles. Moreover, it is challenging to engineer and to audit the granted privileges encoded in rule-based policies. This paper presents the generic approach of object-specific role-based access control (ORAC). On one hand, ORAC enables information system engineers, administrators and users to utilize the well-known principle of roles. On the other hand, ORAC allows realizing the access to objects in a fine-grained way where required. The approach was systematically established according to well-elicited key requirements for fine-grained access control in information systems. For the purpose of evaluation, the approach was applied to real-world scenarios and implemented in a proof-of-concept prototype demonstrating its feasibility and applicability.


Author(s):  
Ioannis Mavridis

Access control technology holds a central role in achieving trustworthy management of personally identifiable information in modern information systems. In this article, a privacy-sensitive model that extends Role-Based Access Control (RBAC) to provide privacy protection through fine-grained and just-in-time access control in Web information systems is proposed. Moreover, easy and effective mapping of corresponding components is recognized as an important factor for succeeding in matching security and privacy objectives. Such a process is proposed to be accomplished by capturing and modeling privacy requirements in the early stages of information system development. Therefore, a methodology for deploying the mechanisms of an access control system conforming to the proposed Privacy Improved Role-Based Access Control (PIRBAC) model is presented. To illustrate the application of the proposed methodology, an application example in the healthcare domain is described.


2018 ◽  
Vol 7 (3) ◽  
pp. 1795
Author(s):  
Rini Mahajan ◽  
Manish Mahajan ◽  
Dheerendra Singh

Cloud computing has changed the perspective of information storage worldwide; still it has not fully matured. Security, privacy and access control of the stored data are the biggest concerns in the IT industries and these are the major research areas in the field of cloud computing. Although many researchers have proposed a variety of access control methods, there is still scope for improvement. The main objective of this paper is to study the limitations of formerly proposed access control methods and to propose a better new access control method. It is the combination of Attribute based access control (ABAC), Hierarchical Role based access control (HRBAC) and Policy based authentication. As a result we got a fine grained access control method. It also includes the feature of role delegation, which is very important in present scenarios. Comparative analysis shows that the proposed method combines many new features with existing access control methods to make the system sound.


Author(s):  
S. Demurjian ◽  
H. Ren ◽  
S. Berhe ◽  
M. Devineni ◽  
Sushil Vegad ◽  
...  

Collaborative portals are emerging as a viable technology to allow groups of individuals to easily author, create, update, and share content via easy-to-use Web-based interfaces, for example, MediaWiki, Microsoft’s SharePoint, and so forth. From a security perspective, these products are often limited and coarse grained in their authorization and authentication. For example, in a Wiki, the security model is often at two ends of the spectrum: anonymous users with no authorization and limited access via read-only browsing vs. registered users with a full range of access and limited oversight in content creation and modification. However, in practice, such full and unfettered access may not be appropriate for all users and for all applications, particularly as the collaborative technology moves into commercial usage (where copyright and intellectual property are vital) or sensitive domains such as healthcare (which have stringent HIPAA requirements). In this chapter, we report on our research and development effort of a role-based access control for collaborative Web portals that encompasses and realizes security at the application level, the document level (authoring and viewing), and the look-and-feel of the portal itself.


2018 ◽  
Vol 7 (4.10) ◽  
pp. 504
Author(s):  
K. Kavitha ◽  
D. Anuradha ◽  
P. Pandian

A huge amount of health care data is available online to improve the overall performance of the health care system. Since this huge health care Big-data is valuable and sensitive, it requires safety. In this paper we analyze numerous ways in which the health care Big-data can be protected. In recent days many augmented security algorithms that are suitable for Big-data have emerged, like El-Gamal, Triple-DES, and Homomorphic algorithms. Also, authentication and access control can be implemented over Big-data using Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) schemes. Along with security for Big-data, we try to evolve the ways in which the valuable Big-data can be optimized to improve the Big-data analysis. Mathematical optimization techniques such as simple and multi-purpose optimization and simulation are employed in Big-data to maximize the patient satisfaction and usage of the doctor’s consulting facility, and also to minimize the cost spent by the patient and the energy wasted.

