Trust-based user-role assignment in role-based access control

被引:9
作者
Takabi, Hassan [1 ]
Amini, Morteza [1 ]
Jalili, Rasool [1 ]
机构
[1] Sharif Univ Technol, Dept Comp Engn, Tehran, Iran
来源
2007 IEEE/ACS INTERNATIONAL CONFERENCE ON COMPUTER SYSTEMS AND APPLICATIONS, VOLS 1 AND 2 | 2007年
关键词
D O I
10.1109/AICCSA.2007.370725
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
Role Based Access Control (RBAC) model is naturally suitable to organizations where users are assigned organizational roles with well-defined privileges. Nowadays, many organizations and enterprises such as banks, insurance industry and utility companies, provide online services to their very large number of users. This shows that assigning users to roles is a intolerable task and maintaining user-role assignment up-to-date is costly and error-prone. Also, with the increasing number of users, RBAC may have problems in prohibiting cheat and changing roles of users. To overcome these problems, user-role assignment decision can be made based on how much we trust him/her In this paper, we propose a model to assign users to roles based on trustworthiness which is fuzzy in nature. The proposed model uses fuzzy relation equations to compute trust values.
引用
收藏
页码:807 / +
页数:3
相关论文
共 19 条
[1]  
ALKAHTANI MA, 2004, P 20 ANN COMP SEC AP
[2]  
ALO R, 2000, ADV INFRASTRUCTURE E
[3]  
American National Standards Institute Inc., 2004, 3592004 ANSI INCITS
[4]  
[Anonymous], 2006, IEEE COMPUTER
[5]  
BERRACHED A, 2006, P 2006 INT C SEC MAN
[6]  
BERRACHED A, 2002, P 35 ANN HAW INT C S
[7]  
BERRACHED A, 2000, P 8 INT C IPMU INF P
[8]  
BERTINO E, 2001, P ACM T INF SYST SEC
[9]  
CHANG EJ, 2005, P 2005 WORKSH SEC WE
[10]  
FERRAIOLO DF, 2001, P ACM T INF SYST SEC
12