Evaluating the Risk of Adopting RBAC Roles

13 years 11 months ago

Download ricerca.mat.uniroma3.it

We propose a framework to evaluate the risk incurred when managing users and permissions through RBAC. The risk analysis framework does not require roles to be defined, thus making it applicable before the role engineering phase. In particular, the proposed approach highlights users and permissions that markedly deviate from others, and that might consequently be prone to error when roles are operating. By focusing on such users and permissions during the role definition process, it is possible to mitigate the risk of unauthorized accesses and role misuse.

Alessandro Colantonio, Roberto Di Pietro, Alberto

Real-time Traffic

Database | DBSEC 2007 | DBSEC 2010 | Permissions | Risk Analysis | Role Engineering Phase |

claim paper

» When Role Models Have Flaws Static Validation of Enterprise Security Policies

Post Info
More Details (n/a)

Added	06 Dec 2010
Updated	06 Dec 2010
Type	Conference
Year	2010
Where	DBSEC
Authors	Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello, Nino Vincenzo Verde

Comments (0)

Sciweavers

Evaluating the Risk of Adopting RBAC Roles

Database | DBSEC 2007 | DBSEC 2010 | Permissions | Risk Analysis | Role Engineering Phase |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers