Towards a Scalable Role and Organization Based Access Control Model with Decentralized Security Administration

Author(s): Zhixiong Zhang, Xinwen Zhang, Ravi Sandhu

This chapter addresses the problem that traditional role-based access control (RBAC) models do not scale well when modeling security policies that span multiple organizations. After reviewing recently proposed Role and Organization Based Access Control (ROBAC) models, an administrative ROBAC model called AROBAC07 is presented and formalized. Two examples are used to motivate and demonstrate the usefulness of ROBAC. Comparisons between AROBAC07 and other administrative RBAC models are given. We show that ROBAC/AROBAC07 can significantly reduce administration complexity for applications involving a large number of organizational units. Finally, an application compartment-based delegation model is introduced, which provides a method for constructing the administrative role hierarchy in AROBAC07. We show that the AROBAC07 model provides convenient ways to decentralize administrative tasks for ROBAC systems and scales well for role-based systems involving a large number of organizational units.

2018, Vol 7 (2.8), pp. 554
Author(s): Geetanjali Sinha, Prabhu Shankar K.C, Shaurya Jain

Hospitals across the world are adopting Electronic Hospital Information Systems and moving away from manual paper systems to provide patients with efficient services. Numerous access control models have been deployed to secure patient privacy, one of them being the Role Based Access Control (RBAC) model. Current models merely grant access on the basis of roles and the role hierarchy, without understanding the real intention of the person accessing the system. This could lead to a compromise of patient privacy, and so new methods have been evolving. In this survey we trace the evolution of access control models that led to the KC-RBAC (Knowledge Constrained Role Based Access Control) model, which takes into consideration knowledge of the medical domain, along with the role, to grant authorization.


2010, Vol 431-432, pp. 577-582
Author(s): Bing Chen

Due to the increasing threat of network attacks, network and information security is of utmost concern for CSCW. Traditional Role-Based Access Control focuses on typical roles divided according to organizational roles in CSCW. Role permissions based only on object types are insufficient for collaborative environments. An extended role-based access control model is proposed in this article that expands the role concept to construct a hierarchy of security domains for CSCW. The whole CSCW system is called the security domain. Subdomain roles inherit security domain roles, and atomic domain roles inherit subdomain roles under role constraints. All extended roles and role constraints form a partial ordering and are used to restrict the range of access control for all CSCW participants.


Information, 2019, Vol 10 (2), pp. 47
Author(s): Rongyue Zheng, Jianlin Jiang, Xiaohan Hao, Wei Ren, Feng Xiong, ...

A building information model (BIM) is of utmost importance across the full life cycle in the architecture, engineering and construction industry. Smart construction relies on BIM to manipulate information flow, data flow, and management flow. Currently, BIM has been explored mainly for information construction and utilization, but few works concern information security, e.g., audits of critical models and exposure of sensitive models. Moreover, few BIM systems have been proposed that make use of new computing paradigms such as mobile cloud computing, blockchain and the Internet of Things. In this paper, we propose a Context-aware Access Control (CaAC) model for BIM systems on mobile cloud architectures. BIM data can be confidentially accessed according to contexts in a fine-grained manner. We describe the functions of CaAC formally by illustrating location-aware access control and time-aware access control. The CaAC model can outperform role-based access control in preventing BIM data leakage by distinguishing contexts. In addition, grouping algorithms are presented for flexibility, in which a basic model (user grouping based on user role permissions) and an advanced model (user grouping based on user requests) are differentiated. Compared with the traditional role-based access control model, the security and feasibility of CaAC are remarkably improved by distinguishing an identical role across multiple contexts. The average efficiency is improved by 2n/(2n - p - q), and the time complexity is O(n).


2016, Vol 2016, pp. 1-16
Author(s): Jiangfeng Li, Zhenyu Liao, Chenxi Zhang, Yang Shi

Since more and more applications and services have been moved from servers in the B/S architecture to the cloud, user access control has become a significant part of a multitenancy cloud platform. The role based access control model lets users participate in an enterprise system under particular identities. However, in a multitenancy cloud environment there is a high probability that tenant information is leaked when the existing role based access control (RBAC) model is used. Moreover, management problems may emerge in the multitenancy platform as the number of tenants grows. In this paper, the novel concept of a 4D-role is presented. Building on a detailed definition of the 4D-role concept, a 4D-role based multitenancy model is proposed for running various applications and services in the multitenancy cloud platform. A theoretical analysis indicates that the model has the characteristics of tenant isolation, role hierarchy, and administration independence. These three characteristics are also verified by experimental evaluation. Moreover, the evaluation results indicate that the model performs well in its use of cloud resources when large numbers of users operate on the cloud platform simultaneously.
