Role Activation Management in Role Based Access Control

  • Conference paper
Information Security and Privacy (ACISP 2005)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 3574)

Abstract

Role Based Access Control (RBAC) [6] is a popular approach to specifying and enforcing security policies in organizations. In RBAC, users are not assigned permissions directly; instead, roles act as the intermediary. Role activation is one important component of RBAC: a user may activate a subset of his/her assigned roles to exercise the associated permissions. This paper proposes a number of ways in which role activation constraints can be specified and enforced in the enterprise environment. It also proposes an access control model and an authorization process to support the specification and enforcement of dynamic separation of duty constraints in a decentralized manner.

References

  1. Bhamidipati, V., Sandhu, R.: Push architectures for user-role assignment. In: National Information Systems Security Conference (2000)

  2. Bhatti, R., Joshi, J., Bertino, E., Ghafoor, A.: X-GTRBAC admin: a decentralized administration model for enterprise wide access control. In: SACMAT 2004: Proceedings of the ninth ACM symposium on Access control models and technologies, pp. 78–86. ACM Press, New York (2004)

  3. Dunlop, N., Indulska, J., Raymond, K.: Dynamic policy model for large evolving enterprises. In: EDOC, p. 193 (2001)

  4. Eloff, J.H.P.: Separation of duties for access control enforcement in workflow environments. IBM Systems Journal 40(3), 666–682 (2001)

  5. Ferraiolo, D.F., Barkley, J.F., Kuhn, D.R.: A role-based access control model and reference implementation within a corporate intranet. ACM Transactions on Information and System Security 2(1), 34–64 (1999)

  6. Ferraiolo, D.F., Kuhn, D.R., Chandramouli, R.: Role-based access control. Artech House, Boston (2003)

  7. Hine, J.H., Yao, W., Bacon, J., Moody, K.: An architecture for distributed OASIS services. In: Coulson, G., Sventek, J. (eds.) Middleware 2000. LNCS, vol. 1795, pp. 104–120. Springer, Heidelberg (2000)

  8. Oh, S., Sandhu, R.: A model for role administration using organization structure. In: Proceedings of the 7th ACM Symposium on Access Control Models and Technologies (SACMAT 2002), Monterey, Calif., June 3-4, pp. 155–162. ACM, New York (2002)

  9. Park, J.S., Sandhu, R.S., Ghanta, S.: RBAC on the web by secure cookies. In: DBSec, pp. 49–62 (1999)

  10. Perwaiz, N.: Structured management of role-permission relationships. In: ACM Workshop on Role Based Access Control archive Proceedings of the sixth ACM symposium on Access control models and technologies, Chantilly, Virginia, United States, pp. 163–169 (2001)

  11. Sandhu, R., Chandramouli, R.: Role based access control features in commercial database management systems. In: 21st National Information Systems Security Conference, Crystal City, Virginia, October 6-9 (1998)

  12. Sandhu, D.F.R., Kuhn, R.: The NIST model for role-based access control: Towards a unified standard. In: ACM Workshop on Role-Based Access Control (2000)

  13. Sandhu, R.: Transaction control expressions for separation of duties. In: Proc. of the Fourth Computer Security Applications Conference, pp. 282–286 (1998)

  14. Sandhu, R.: Role activation hierarchies. In: Symposium on Access Control Models and Technologies archive Proceedings of the third ACM workshop on Role-based access control, Fairfax, Virginia, United States, pp. 33–40 (1998) ISBN:1-58113-113-5

  15. Sandhu, R.S., Munawer, Q.: The ARBAC 1999 model for administration of roles. In: Annual Computer Security Applications Conference, p. 229 (1999)

  16. Simon, R.T., Zurko, M.E.: Separation of duty in role-based environments. In: IEEE Computer Security Foundations Workshop, pp. 183–194 (1997)

© 2005 Springer-Verlag Berlin Heidelberg

Cite this paper

Lui, R.W.C., Chow, S.S.M., Hui, L.C.K., Yiu, S.M. (2005). Role Activation Management in Role Based Access Control. In: Boyd, C., González Nieto, J.M. (eds) Information Security and Privacy. ACISP 2005. Lecture Notes in Computer Science, vol 3574. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11506157_30

  • DOI: https://doi.org/10.1007/11506157_30

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-26547-4

  • Online ISBN: 978-3-540-31684-8

  • eBook Packages: Computer Science, Computer Science (R0)