Analysis of Privilege Escalation Based on Hierarchical RBAC Model

Abstract: As access control policies become more and more complex, the detection of access control vulnerabilities becomes more important. Previous research efforts have concentrated on access control vulnerabilities due to programming errors, while the privilege escalation caused by logic errors or abuse of privileges has seldom attracted researchers’ attention, which is also a kind of access control vulnerabilities. To investigate the property of privilege escalation, hierarchical RBAC model is used to describe comple… Show more

“…Given that a user may use more than one identity, there is a need to share the same basic information for their multiple identities while providing permission isolation between these identities [6] . For example, user Zhang is a resident and staff in community A, and also serves as a grid-charger in community B. Zhang does not want to copy the same basic information to all the three systems for staff, grid-chargers, and residents, nor does he want to query any relevant information of community A when serving as a grid-charger of community B.…”

Design and Implementation of Government Affairs Management System Oriented to Grassroots Community

“…Given that a user may use more than one identity, there is a need to share the same basic information for their multiple identities while providing permission isolation between these identities [6] . For example, user Zhang is a resident and staff in community A, and also serves as a grid-charger in community B. Zhang does not want to copy the same basic information to all the three systems for staff, grid-chargers, and residents, nor does he want to query any relevant information of community A when serving as a grid-charger of community B.…”

Design and Implementation of Government Affairs Management System Oriented to Grassroots Community