Business Driven User Role Assignment: Nimble Adaptation of RBAC to Organizational Changes

Ousmane Amadou Dia, Csilla Farkas
Copyright: © 2013 | Volume: 7 | Issue: 1 | Pages: 18
ISSN: 1930-1650 | EISSN: 1930-1669 | EISBN13: 9781466631281 | DOI: 10.4018/jisp.2013010104
MLA

Dia, Ousmane Amadou, and Csilla Farkas. "Business Driven User Role Assignment: Nimble Adaptation of RBAC to Organizational Changes." IJISP vol.7, no.1 2013: pp.45-62. http://doi.org/10.4018/jisp.2013010104

APA

Dia, O. A. & Farkas, C. (2013). Business Driven User Role Assignment: Nimble Adaptation of RBAC to Organizational Changes. International Journal of Information Security and Privacy (IJISP), 7(1), 45-62. http://doi.org/10.4018/jisp.2013010104

Chicago

Dia, Ousmane Amadou, and Csilla Farkas. "Business Driven User Role Assignment: Nimble Adaptation of RBAC to Organizational Changes," International Journal of Information Security and Privacy (IJISP) 7, no.1: 45-62. http://doi.org/10.4018/jisp.2013010104

Abstract

The authors propose a business-oriented approach to support accurate and dynamic user-role assignments for the Role Based Access Control (RBAC) model. Their model, called Business-Driven Role Based Access Control (BD-RBAC), is composed of three layers. The first layer extends the RBAC model with the concepts of business roles, system roles, credentials, and users’ capabilities. The second layer dynamically assigns users to business and system roles, and filters outdated (abnormal) user-role assignments. The third layer supports exception handling and partial authorization. The novel aspect of the work is the adaptation of RBAC-based access control systems to changes in organizational needs, while reducing the burden of security administration. To this end, the authors have (1) developed a series of algorithms to compute internal and external user-role assignments based on organizational policies, users’ requests and capabilities, and (2) shown that their outputs are permissible, i.e., a legitimate user is authorized to activate the role; complete, i.e., a legitimate user can activate the roles necessary to perform all the requested tasks; and minimal, i.e., a legitimate user does not receive any non-authorized or not-needed privileges.
