Topics on RoleBased Access Control Role Administration - PowerPoint PPT Presentation

1 / 13
About This Presentation
Title:

Topics on RoleBased Access Control Role Administration

Description:

ACM Symposium on Access Control Models and ... mobile and immobile membership. Immobile assignment of a user to a role allows him to make use of the rights ... – PowerPoint PPT presentation

Number of Views:36
Avg rating:3.0/5.0
Slides: 14
Provided by: zhao86
Category:

less

Transcript and Presenter's Notes

Title: Topics on RoleBased Access Control Role Administration


1
Topics on Role-Based Access Control ---- Role
Administration
  • ??
  • zchen_at_is.pku.edu.cn
  • 2003-09

2
Resources
  • ACM Symposium on Access Control Models and
    Technologies (SACMAT), 1995 onwards
  • Previously ACM Workshop on Role-Based Access
    Control (RBAC), 1995-2000
  • ACM Transactions on Information and System
    Security (TISSEC)
  • Conference on Computer and Communications
    Security (CCS)

3
SACMAT 2003 Topics
  • Enterprise Role Administration
  • Constraints
  • RBAC for Collaborative Environments
  • Access Control and Mechanisms
  • Role Engineering
  • Verification
  • Dynamic Access Control

4
Enterprise Role Administration
  • Enterprise Role-Based Access Control (ERBAC)
    Model
  • ARBAC97
  • ARBAC99
  • ARBAC02
  • A-ERBAC

5
ERBAC
6
ERBAC
7
ARBAC97
  • URA97
  • PRA97
  • RRA97
  • Administrative range
  • can_assign(arx, rry, rra, rrb, rrc)
  • Prerequisite condition
  • Any user to be assigned to a role r1 must already
    be assigned to another role r2

8
ARBAC99
  • Example
  • Role Employee Project X is a precondition for
    further assignments within the project by the
    local administrator.
  • There is no way to prohibit further assignments
    for an external consultant.
  • mobile and immobile membership
  • Immobile assignment of a user to a role allows
    him to make use of the rights associated with
    that role, however his role membership does not
    qualify him for any further assignments.

9
ARBAC02
  • User pool
  • Permission pool

10
ARBAC02
11
ARBAC02
12
A-ERBAC
  • scopes

13
A-ERBAC
  • Scope tree
  • Organizational hierarchy
Write a Comment
User Comments (0)
About PowerShow.com