About | Contact Us | Register | Login
ProceedingsSeriesJournalsSearchEAI
3rd International ICST Symposium on Information Assurance and Security

Research Article

SARBAC07: A Scoped Administration Model for RBAC with Hybrid Hierarchy

Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1109/IAS.2007.90,
        author={Yue  Zhang and James B.D. Joshi},
        title={SARBAC07: A Scoped Administration Model for RBAC with Hybrid Hierarchy},
        proceedings={3rd International ICST Symposium on  Information Assurance and Security},
        publisher={IEEE},
        proceedings_a={IAS},
        year={2007},
        month={9},
        keywords={Access control  Centralized control  Computer science  Computer security  Control systems  Information science  Information security  NIST  Permission},
        doi={10.1109/IAS.2007.90}
    }
    
  • Yue Zhang
    James B.D. Joshi
    Year: 2007
    SARBAC07: A Scoped Administration Model for RBAC with Hybrid Hierarchy
    IAS
    IEEE
    DOI: 10.1109/IAS.2007.90
Yue Zhang1,*, James B.D. Joshi2,*
  • 1: Department of Computer Science, University of Pittsburgh Pittsburgh, PA, USA
  • 2: School of Information Science, University of Pittsburgh, Pittsburgh, PA, USA
*Contact email: zysxqn@cs.pitt.edu, jjoshi@sis.pitt.edu

Abstract

Recently, administration of RBAC systems using a role-based approach has become very appealing because of the benefits that such an approach typically brings. This approach uses RBAC itself to manage RBAC policies so that the administration functions can be decentralized and made more efficient. Existing RBAC administration models, however, fail to deal with RBAC systems with hybrid hierarchy, which has been shown to be necessary to specify fine-grained RBAC policies. In this paper, we propose a Scoped Administration model for RBAC with Hybrid Hierarchy (SARBAC07) by using the notion of an administrative scope that was earlier proposed in the SARBAC model. We show that our model keeps all the advantages of the original model and can deal with more complex situations where hybrid hierarchy is needed.

Keywords
Access control Centralized control Computer science Computer security Control systems Information science Information security NIST Permission
Published
2007-09-10
Publisher
IEEE
Modified
2011-08-02
http://dx.doi.org/10.1109/IAS.2007.90
Copyright © 2007–2025 IEEE
EBSCOProQuestDBLPDOAJPortico
EAI Logo

About EAI

  • Who We Are
  • Leadership
  • Research Areas
  • Partners
  • Media Center

Community

  • Membership
  • Conference
  • Recognition
  • Sponsor Us

Publish with EAI

  • Publishing
  • Journals
  • Proceedings
  • Books
  • EUDL