This paper maintains that for an access-control mechanism to support a wide range of policies, it is best to dispense with any built-in semantics for roles in the mechanism itself, leaving such semantics to be defined by the individual policies. The validity of this assertion is demonstrated by showing that a mechanism called Law-Governed Interaction (LGI), which has no built-in concept of roles, can support a wide range of policies that take roles into account. These include RBAC itself and its various generalizations, as well as concepts such as budgetary controls, which seem to be quite inconsistent with RBAC. All such policies can be formulated, deployed, and enforced via a single, scalable, fully implemented LGI mechanism.

Categories and Subject Descriptors: D.4.6 [Security and Protection]: Access Controls; C.2.4 [Distributed Systems]: Distributed applications
General Terms: Security
Keywords: role-based access control, security, access control policy specification and decentralized en...
Xuhui Ao, Naftaly H. Minsky
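The abstract's central claim is architectural: a mediation mechanism that knows nothing about roles can still enforce RBAC, and can also enforce policies such as budgetary controls that a role-centric mechanism cannot express, because roles and budgets live in policy-managed per-agent state rather than in the mechanism. The following sketch is an added illustration of that idea and is not LGI's implementation or law language; the `Mechanism`/`Controller` classes, the `rbac_law`/`budget_law` functions, the `PERMS` table and the agents `alice`, `bob` and `store` are all assumptions made for the example. The mechanism only fires `sent` and `arrived` events at a per-agent controller and hands the law that agent's opaque control state; everything about roles, role assignment and budgets is defined inside the law.

```python
"""Added sketch (not LGI's code): a role-agnostic mediation mechanism under
which RBAC, role administration and budgetary control are all policy-level."""
from dataclasses import dataclass, field
from typing import Callable


@dataclass
class Event:
    kind: str       # "sent" (fires at sender's controller) or "arrived" (at receiver's)
    sender: str
    receiver: str
    msg: dict


@dataclass
class Controller:
    """Per-agent controller holding an opaque control state (cs).
    The mechanism never inspects cs; only the law reads or writes it."""
    agent: str
    cs: dict = field(default_factory=dict)


# A law maps (event, control state of the agent whose controller fired the
# event) to (allowed?, reason) and may update that control state in place.
Law = Callable[[Event, dict], tuple[bool, str]]


class Mechanism:
    """Mediates every message; has no concept of roles or budgets."""

    def __init__(self, law: Law):
        self.law = law
        self.controllers: dict[str, Controller] = {}

    def controller(self, agent: str) -> Controller:
        return self.controllers.setdefault(agent, Controller(agent))

    def send(self, sender: str, receiver: str, msg: dict) -> tuple[bool, str]:
        ok, why = self.law(Event("sent", sender, receiver, msg), self.controller(sender).cs)
        if not ok:
            return False, why
        return self.law(Event("arrived", sender, receiver, msg), self.controller(receiver).cs)


# Hypothetical role-to-permission table; part of the policy, not the mechanism.
PERMS = {"clerk": {"read"}, "manager": {"read", "approve"}, "admin": {"grant"}}


def rbac_law(ev: Event, cs: dict) -> tuple[bool, str]:
    """RBAC expressed purely in the law: roles are a set in the agent's cs,
    and a 'grant' message from a suitably privileged agent adds a role."""
    if ev.kind == "sent":
        op = ev.msg["op"]
        if any(op in PERMS.get(role, ()) for role in cs.get("roles", set())):
            return True, "permitted"
        return False, f"{ev.sender} holds no role permitting {op}"
    if ev.msg["op"] == "grant":          # arrived: role assignment takes effect here
        cs.setdefault("roles", set()).add(ev.msg["role"])
        return True, f"{ev.receiver} now holds {ev.msg['role']}"
    return True, "delivered"


def budget_law(ev: Event, cs: dict) -> tuple[bool, str]:
    """Budgetary control: each sent message costs msg['cost'] from a per-agent
    budget kept in cs; a permission becomes exhaustible, unlike in pure RBAC."""
    if ev.kind == "sent":
        cost = ev.msg.get("cost", 0)
        if cs.get("budget", 0) < cost:
            return False, f"{ev.sender} has insufficient budget"
        cs["budget"] = cs.get("budget", 0) - cost
        return True, f"charged {cost}"
    return True, "delivered"


def rbac_with_budget_law(ev: Event, cs: dict) -> tuple[bool, str]:
    """Composition of both policies under one unchanged mechanism."""
    ok, why = rbac_law(ev, cs)
    if not ok or ev.kind != "sent":
        return ok, why
    return budget_law(ev, cs)


def demo() -> dict:
    """Constructed scenario: alice is an admin with budget 10, bob starts with
    no role and budget 3, 'store' is a passive resource."""
    m = Mechanism(rbac_with_budget_law)
    m.controller("alice").cs.update(roles={"admin"}, budget=10)
    m.controller("bob").cs.update(budget=3)
    results = [
        m.send("bob", "store", {"op": "read", "cost": 1}),                   # denied: no role
        m.send("alice", "bob", {"op": "grant", "role": "clerk", "cost": 0}),  # bob becomes clerk
        m.send("bob", "store", {"op": "read", "cost": 2}),                   # allowed, budget 3 -> 1
        m.send("bob", "store", {"op": "read", "cost": 2}),                   # denied: budget exhausted
        m.send("bob", "store", {"op": "approve", "cost": 0}),                # denied: clerk cannot approve
    ]
    bob = m.controller("bob").cs
    return {"results": results, "bob_roles": set(bob["roles"]), "bob_budget": bob["budget"]}


if __name__ == "__main__":
    for allowed, reason in demo()["results"]:
        print("ALLOW" if allowed else "DENY ", reason)
```

Swapping `rbac_with_budget_law` for `rbac_law` or `budget_law` changes the policy without touching `Mechanism`, which is the point the abstract makes: the mechanism's only commitments are the event model and the per-agent control state, so it can host RBAC, its generalizations, and non-role policies alike.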