Sciweavers

DBSEC
2010

Evaluating the Risk of Adopting RBAC Roles

13 years 11 months ago
Evaluating the Risk of Adopting RBAC Roles
We propose a framework to evaluate the risk incurred when managing users and permissions through RBAC. The risk analysis framework does not require roles to be defined, thus making it applicable before the role engineering phase. In particular, the proposed approach highlights users and permissions that markedly deviate from others, and that might consequently be prone to error when roles are operating. By focusing on such users and permissions during the role definition process, it is possible to mitigate the risk of unauthorized accesses and role misuse.
Alessandro Colantonio, Roberto Di Pietro, Alberto
Added 06 Dec 2010
Updated 06 Dec 2010
Type Conference
Year 2010
Where DBSEC
Authors Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello, Nino Vincenzo Verde
Comments (0)