An Implementation of Dynamically Administered Role-Based Access Control on the Web

A. K. Mattas(1*), I. K. Mavridis(2), I. G. Pagkalos(3)

(1) Informatics Laboratory, Computers Division, Faculty of Technology, Aristotle University, Greece
(2) Department of Applied Informatics, University of Macedonia, Greece
(3) Informatics Laboratory, Computers Division, Faculty of Technology, Aristotle University, Greece
(*) Corresponding author


DOI's assignment:
the author of the article can submit here a request for assignment of a DOI number to this resource!
Cost of the service: euros 10,00 (for a DOI)

Abstract


Access control administration regulates and enforces the definition of the components of an access control system by authorized administrative users. The shortcomings of classical access control models, as they are applied in today’s Web-based applications that are commonly used in collaborative and distributed enterprise environments, can effectively be addressed by dynamic administration. In this paper, the implementation and application of the DARBAC (Dynamically Administering Role Based Access Control) model in the banking sector is demonstrated. By this demonstration, the benefits that are related to improvements in the administration of role-based access control (RBAC) and provision of tight and just-in-time access control without jeopardizing the simplicity of administration are clearly revealed.
Copyright © 2018 Praise Worthy Prize - All rights reserved.

Keywords


Computer Security; Access Control; RBAC; DARBAC

Full Text:

PDF


References


R. Sandhu, Role-Based Access Contro,. Advances in Computers, (Academic Press, 1998).

R. Kooker, S. Kane, Identity Management: Role Based Access Control for Enterprise Services, Command and Control Research and Technology Symposium, USA, 2004.

A. Kern, M. Kuhlmann, R. Kuropka, A. Ruthert, A Meta Model for Authorizations in Application Security Systems and their Integration into RBAC Administration, Procs of 9th ACM Symposium on Access Control Models and Technologies, New York, USA, 87-96, 2004.

W. Tolone, G. Ahn, T. Pai, S. Hong, Access control in collaborative system, ACM Computing Surveys (CSUR) archive, Vol. 1, n. 37, 29-41, 2005.

W. Yao, K. Moody, J. Bacon, A model of OASIS rolebased access control and its support for active security. In Sixth ACM Symposium on Access Control Models and Technologies, pp. 171-181, 2001.

J. Joshi, W. Aref, A. Ghafoor, E. Spafford, Security Models for Web-Based Applications, Communications of the ACM, Vol. 2, n. 44, pp. 38-44, 2001.

D. Ferraiolo, R. Sandhu, S. Gavrila, D. Kuhn, R. Chandramouli, A Proposed Standard for Role Based Access Control, Transactions on Information and System Security, Vol. 3, n. 4, pp. 224-247, 2001.

R. Chandramouli, R. Sandhu, Role Based Access Control Features in Commercial Database Management System, 21st National Information Systems Security Conference, 1998.

R. Sandhu, Future Directions in Role-Based Access Control Models, In conference: International Workshop MMM-ACNS, St. Petersburg, Russia, pp. 22-26, 2001.

R. Sandhu, V. Bhamidipati, Q. Munawer, The ARBAC97 Model for Role-Based Administration of Roles, Transactions on Information and System Security, pp. 105-135, 1999.

R. Sandhu, Q. Munawer, The ARBAC99 Model for Administration of Roles, Proceedings of the 15th Annual Computer Security Applications Conference (Page: 229, 1999).

S. Oh, R. Sandhu, A Model for Role Administration Using Organization Structure, 7th ACM Symposium on Access Control Models and Technologies, USA, pp. 155-162, 2002.

A. Kern, A. Schaad, J. Moffett, An Administration Concept for the Enterprise Role Based Access Control Model, 8th Symposium on Access Control Models and Technologies, pp. 3-11, 2003.

A. Mattas, I. Mavridis, G. Pangalos, Towards Dynamically Administered Role-Based Access Control, 14th International Workshop on Database and Expert Systems Applications, pp. 494 – 498, 2003.

A. Mattas, I. Mavridis, C. Ilioudis, I. Pangalos, DARBAC: Dynamically Administering Role Based Access Control, WSEAS Transactions on Information Science & Applications, Vol. 3, n. 10, October, 2006.

NET Development, http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnea/html/eaarchover.asp, 2006.

X. Zhang, S. Oh, R. Sandhu, PBDM: a flexible delegation model in RBAC, Proceedings of 8th ACM Symposium on Access Control Models and Technologies, (Como, Italy, pp. 149-157, 2003).

W. Shim, S. Park, Toward an Improved RBAC Model for the Organic Organization, 9th International Conference on Parallel and Distributed Systems, Taiwan, Pages: 437, 2002.

R. Thomas, Team-Based Access Control: A Primitive for Applying Role-Based Access Controls in Collaborative Environments, 2nd ACM Workshop on RBAC, USA, Vol. 3, n. 36, pp. 55-66, 1997.

NET Data Access Architecture Guide, http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/daag.asp, 2003.

NET Security Guidance, http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/authaspdotnet.asp, 2001.

Transport Layer Security, http://www.ietf.org/html.charters/tls-charter.html, 2006.

S. Wu, A. Sheth, J. Miller, Z. Luo, Authorization and Access Control of Application Data in Workflow Systems. Journal of Intelligent Information Systems (JIIS), pp. 71-94, 2002.

V. Atluri, W. Huang, An Authorization Model for Workflows, In Lecture Notes in Computer Science, pp. 44–64, 1996.

K. Venter, M. Olivier, The Delegation Authorization Model: A Model for the Dynamic Delegation of Authorization Rights in a Secure Workflow Management System, ISSA2002, Muldersdrift, South Africa, 2002.

R. Thomas, R. Sandhu, Task-based authorization controls (TBAC): A family of models for active and enterprise-oriented authorization Management, In Database Security, XI: Status and Prospects (eds. T.Y.Lin and S. Qian), Chapman and Hall, London, 1997.

D. Bell, L. LaPadula, Secure Computer Systems: Unified Exposition and Multics Interpretation, Technical Report ESD-TR-75-306, MITRE Corporation, 1976.


Refbacks

  • There are currently no refbacks.



Please send any question about this web site to info@praiseworthyprize.com
Copyright © 2005-2019 Praise Worthy Prize