Published: October 6, 1998
Author(s)
Wayne Jansen (NIST)
Conference
Name: 21st National Information Systems Security Conference (NISSC '98)
Dates: 10/06/1998 - 10/09/1998
Location: Crystal City, Virginia, United States
Citation: Proceedings of the 21st National Information Systems Security Conference (NISSC '98),
Role Based Access Control (RBAC) refers to a class of security mechanisms that mediate access to resources through organizational identities called roles. A number of models have been published that formally describe the basic properties of RBAC. One feature of these models is the notion of a role hierarchy, which represents the relationship among roles that are defined in terms of other roles and inherit basic capabilities from them. This paper explores some interesting characteristics of role hierarchies and how they affect basic RBAC properties such as separation of duty.
Keywords
formal models; RBAC; Role-Based Access Control; role hierarchy
Control Families
None selected