Synonyms
RBAC; Role based security
Definition
Access control is a security service responsible for defining which subjects can perform what type of operations on which objects. A subject is typically an active entity such as a user or a process, and an object is an entity, such as a file, database table or a field, on which the subject can perform some authorized operations. A permission indicates the mode of operation on a particular object.
Role based access control (RBAC) involves controlling access to computer resources and information by (i) defining users, roles, and permissions, and (ii) assigning users and permissions to roles. A user can create a session in which he/she can activate a subset of the roles he/she has been assigned to and use the permissions associated with the activated roles. The RBAC approach is based on the understanding that a user’s access needs are defined by the roles that he/she plays within his/her organization. In general, a role is considered as a group...
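The following sketch is an added illustration of the definition above, not code from the entry. It models user-to-role and permission-to-role assignment, and a session that activates only a subset of the assigned roles. The class and method names, the user, and the roles and objects are all assumptions made for the example.

```python
from dataclasses import dataclass, field

@dataclass
class RBAC:
    # user -> roles (user assignment); role -> permissions (permission assignment)
    user_roles: dict = field(default_factory=dict)
    role_perms: dict = field(default_factory=dict)

    def assign_user(self, user, role):
        self.user_roles.setdefault(user, set()).add(role)

    def grant(self, role, operation, obj):
        # A permission is a mode of operation on a particular object.
        self.role_perms.setdefault(role, set()).add((operation, obj))

    def create_session(self, user, activate):
        # A session may activate only a subset of the user's assigned roles.
        extra = set(activate) - self.user_roles.get(user, set())
        if extra:
            raise PermissionError(f"{user} is not assigned: {sorted(extra)}")
        return Session(self, user, frozenset(activate))

@dataclass
class Session:
    policy: RBAC
    user: str
    active_roles: frozenset

    def check_access(self, operation, obj):
        # Only permissions of *activated* roles count, not of every assigned role.
        return any((operation, obj) in self.policy.role_perms.get(r, set())
                   for r in self.active_roles)

def demo():
    # Constructed sample policy (hypothetical user, roles and objects).
    p = RBAC()
    for role, op, obj in [("clerk", "read", "orders"), ("auditor", "read", "audit_log"),
                          ("manager", "update", "orders")]:
        p.grant(role, op, obj)
    for role in ("clerk", "auditor"):
        p.assign_user("alice", role)
    s = p.create_session("alice", ["clerk"])   # auditor is assigned but not activated
    try:
        p.create_session("alice", ["manager"])  # manager was never assigned to alice
        unassigned_ok = True
    except PermissionError:
        unassigned_ok = False
    return (s.check_access("read", "orders"), s.check_access("read", "audit_log"), unassigned_ok)
```

The session denies `read` on `audit_log` even though the user holds the auditor role, because access is decided from the activated roles rather than from everything the user has been assigned.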
© 2018 Springer Science+Business Media, LLC, part of Springer Nature
About this entry
Cite this entry
Zhang, Y., Joshi, J.B. (2018). Role-Based Access Control. In: Liu, L., Özsu, M.T. (eds) Encyclopedia of Database Systems. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-8265-9_320
DOI: https://doi.org/10.1007/978-1-4614-8265-9_320
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-8266-6
Online ISBN: 978-1-4614-8265-9
eBook Packages: Computer Science; Reference Module Computer Science and Engineering