Integrating Permission Hierarchy with the Core RBAC model
In large enterprise-wide system, there are lots of sensitive and confidential data such as bank account, identity card number and so on, therefore security administration is one of the biggest challenges. This is particularly true for enterprises that are trying to strengthen security in distributed environments. Role Based Access Control (RBAC) has attracted a great deal of attention in recent years, the roles are assigned to users and permissions are assigned to roles in the model, but there are few representations about relations among the permissions. In this paper the permission hierarchies-RBAC model, called as PHRBAC model is introduced for information security. Based on the core RBAC, this model defines the semantics of partial order to support permissions hierarchies. Finally, we argue the constraints of permissions; some experiments show that PH-RBAC is better than others at many aspects, and it is easy to implement in Management Information System.
Permission Hierarchy RBAC Role Constraints Authorization
Bo Liu Mingjie Tan Yongqi Yang Juan Liao
Information Center Sichuan Radio and TV University Chengdu, China
国际会议
2011 International Conference on Security Science and Technology(ICSST 2011) (2011年安全科学与技术国际会议)
重庆
英文
13-16
2011-01-21(万方平台首次上网日期,不代表论文的发表时间)