3rd International ICST Symposium on Information Assurance and Security

Research Article

SARBAC07: A Scoped Administration Model for RBAC with Hybrid Hierarchy

  • @INPROCEEDINGS{10.1109/IAS.2007.90,
        author={Yue  Zhang and James B.D. Joshi},
        title={SARBAC07: A Scoped Administration Model for RBAC with Hybrid Hierarchy},
        proceedings={3rd International ICST Symposium on  Information Assurance and Security},
        publisher={IEEE},
        proceedings_a={IAS},
        year={2007},
        month={9},
        keywords={Access control  Centralized control  Computer science  Computer security  Control systems  Information science  Information security  NIST  Permission},
        doi={10.1109/IAS.2007.90}
    }
    
  • Yue Zhang
    James B.D. Joshi
    Year: 2007
    SARBAC07: A Scoped Administration Model for RBAC with Hybrid Hierarchy
    IAS
    IEEE
    DOI: 10.1109/IAS.2007.90
Yue Zhang1,*, James B.D. Joshi2,*
  • 1: Department of Computer Science, University of Pittsburgh Pittsburgh, PA, USA
  • 2: School of Information Science, University of Pittsburgh, Pittsburgh, PA, USA
*Contact email: zysxqn@cs.pitt.edu, jjoshi@sis.pitt.edu

Abstract

Recently, administration of RBAC systems using a role-based approach has become very appealing because of the benefits that such an approach typically brings. This approach uses RBAC itself to manage RBAC policies so that the administration functions can be decentralized and made more efficient. Existing RBAC administration models, however, fail to deal with RBAC systems with hybrid hierarchy, which has been shown to be necessary to specify fine-grained RBAC policies. In this paper, we propose a Scoped Administration model for RBAC with Hybrid Hierarchy (SARBAC07) by using the notion of an administrative scope that was earlier proposed in the SARBAC model. We show that our model keeps all the advantages of the original model and can deal with more complex situations where hybrid hierarchy is needed.