RBAC Administration in Distributed Systems

Cited by: 0
Authors
Dekker, M. A. C. [1 ]
Crampton, J. [1 ]
Etalle, S. [1 ]
Affiliation
[1] KPMG CT, The Hague, Netherlands
Source
SACMAT'08: PROCEEDINGS OF THE 13TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES | 2008
Keywords
Access control; Distributed System; RBAC; Administration;
DOI
Not available
Chinese Library Classification number
TP301 [Theory, Methods];
Discipline classification code
081202 ;
Abstract
Large and distributed access control systems are increasingly common, for example in health care. In such settings, access control policies may become very complex, thus complicating correct and efficient administration of the access control system. Despite being one of the most widely used access control standards, RBAC does not include an administration model for distributed systems. In this paper we fill this gap. We present a model for the administration of RBAC in a distributed system and propose an administration procedure supporting the principle that different systems protect different sets of objects. We demonstrate that our procedure fulfills the formal requirements deriving from safety and availability, and we show how it can be translated to a practical implementation. Finally, we show how our model can be extended with multiple decentralized administrative systems.
Pages: 93 / 101
Page count: 9