Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ACSAC
2002
IEEE
2002
IEEE
A Model for Attribute-Based User-Role Assignment
The Role-Based Access Control (RBAC) model is traditionally used to manually assign users to appropriate roles, based on a specific enterprise policy, thereby authorizing them to use the roles' permissions. In environments where the service-providing enterprise has a huge customer base this task becomes formidable. An appealing solution is to automatically assign users to roles. The central contribution of this paper is to describe a model to dynamically assign users to roles based on a finite set of rules defined by the enterprise. These rules take into consideration the attributes of users and any constraints set forth by the enterprise’s security policy. The model also allows dynamic revocation of assigned roles based on conditions specified in the security policy. The model provides a language to express these rules and defines a mechanism to determine seniority among different rules. The paper also shows how to use the model to express Mandatory Access Controls (MAC).
Real-time Traffic| Added | 14 Jul 2010 |
| Updated | 14 Jul 2010 |
| Type | Conference |
| Year | 2002 |
| Where | ACSAC |
| Authors | Mohammad A. Al-Kahtani, Ravi S. Sandhu |
Comments (0)
Researcher Info
|
