Engineering of role/permission assignments

被引：20

作者：

Epstein, P ^{[1
]}

Sandhu, R ^{[1
]}

机构：

[1] George Mason Univ, Manassas, VA 20111 USA

来源：

17TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, PROCEEDINGS | 2001年

关键词：

D O I：

10.1109/ACSAC.2001.991529

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

In this paper, we develop a model for engineering role-permission assignment. Our model builds upon the well-known RBAC96 model [SCFY96]. Assigning permissions to roles is considered too complex an activity to accomplish directly. Instead we advocate breaking down this process into a number of steps, 4,e specifically introduce the concept of Jobs, work-patterns, and Tasks to facilitate role-permission assignment into a series of smaller steps. We describe methodologies for using this model in two different ways. In a top-down approach, roles are decomposed into permissions, whereas in a bottom-up approach, permissions are aggregated into roles.

引用

页码：127 / 136

页数：10

共 11 条

[1] [Anonymous], 2000, UNIFIED MODELING LAN, DOI DOI 10.1007/3-540-40011-7_10
[2] Barkley J., 1995, P 1 ACM WORKSH ROL B, P93
[3] CHANDRAMOULI R, 1999, 4 ACM WORKSH ROL BAS
[4] Coyne E. J., 1995, P 1 ACM WORKSH ROL B, P15
[5] Towards a UML based approach to role engineering
Epstein, P
Sandhu, R
[J]. FOURTH ACM WORKSHOP ON ROLE-BASED ACCESS CONTROL, PROCEEDINGS, 1999, : 135 - 143
[6] SecureFlow: A secure web-enabled Workflow Management System
Huang, WK
Atluri, V
[J]. FOURTH ACM WORKSHOP ON ROLE-BASED ACCESS CONTROL, PROCEEDINGS, 1999, : 83 - 94
[7] ROECKLE H, 2000, P 5 ACM WORKSH ROL B, P103
[8] Role based access control models
Sandhu, RS
Coyne, EJ
Feinstein, HL
Youman, CE
[J]. COMPUTER, 1996, 29 (02) : 38 - &
[9] SANDHU RS, 1998, ADV COMPUTERS, V46
[10] Napoleon network application policy environment
Thomsen, D
O'Brien, R
Payne, C
[J]. FOURTH ACM WORKSHOP ON ROLE-BASED ACCESS CONTROL, PROCEEDINGS, 1999, : 145 - 152

← 1 2 →