Proceedings of the 19th ACM Symposium on Access Control Models and Technologies 2014
DOI: 10.1145/2613087.2613101
|View full text |Cite
|
Sign up to set email alerts
|

Sorting out role based access control

Abstract: Role-based access control (RBAC) is a popular framework for modelling access control rules. In this paper we identify a fragment of RBAC called bi-sorted role based access control (RBÄC). We start from the observation that "classic" RBAC blends together subject management aspects and permission management aspects into a single object of indirection: a role. We posit there is merit in distinguishing these administrative perspectives and consequently introducing two distinct objects of indirection: the proper ro… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
7
0

Year Published

2015
2015
2018
2018

Publication Types

Select...
6
1
1

Relationship

0
8

Authors

Journals

citations
Cited by 14 publications
(7 citation statements)
references
References 19 publications
0
7
0
Order By: Relevance
“…The alternative technique for expressing policy is by enumeration. Examples in this category include Policy Machine (PM) [5] and 2-sorted-RBAC [13].…”
Section: Abac Styles and Scopesmentioning
confidence: 99%
See 2 more Smart Citations
“…The alternative technique for expressing policy is by enumeration. Examples in this category include Policy Machine (PM) [5] and 2-sorted-RBAC [13].…”
Section: Abac Styles and Scopesmentioning
confidence: 99%
“…2-sorted-RBAC [13], on the other hand is an example to use enumerated policy in the context of RBAC [18]. In 2sorted-RBAC, roles are split into proper roles containing group of users and demarcations containing group of permissions.…”
Section: Enumerated Policymentioning
confidence: 99%
See 1 more Smart Citation
“…Generally, any ABAC model can be expressed based on logical-formula authorization policy (LAP) or enumerated authorization policy (EAP) [21]. However, most of the proposed ABAC models [3, 4, 7-9, 24, 25] in literature are based on LAP, with very few EAP-ABAC models [5,18,21,26].…”
Section: Introductionmentioning
confidence: 99%
“…The dynamic and decentralized nature of OSNs, where ReBAC is mainly deployed so far, suggests a unified but decentralized solution to enforce administration in a scalable and efficient way. Following the prior success of using role-based access control (RBAC) to manage RBAC [10,19,21,26,31,35], a natural direction for ReBAC adminstration would be using ReBAC itself to manage Re-BAC.…”
Section: Introductionmentioning
confidence: 99%