Engineering of role/permission assignments

被引：20

作者：

Epstein, P ^{[1
]}

Sandhu, R ^{[1
]}

机构：

[1] George Mason Univ, Manassas, VA 20111 USA

来源：

17TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, PROCEEDINGS | 2001年

关键词：

D O I：

10.1109/ACSAC.2001.991529

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

In this paper, we develop a model for engineering role-permission assignment. Our model builds upon the well-known RBAC96 model [SCFY96]. Assigning permissions to roles is considered too complex an activity to accomplish directly. Instead we advocate breaking down this process into a number of steps, 4,e specifically introduce the concept of Jobs, work-patterns, and Tasks to facilitate role-permission assignment into a series of smaller steps. We describe methodologies for using this model in two different ways. In a top-down approach, roles are decomposed into permissions, whereas in a bottom-up approach, permissions are aggregated into roles.

引用

页码：127 / 136

页数：10

共 11 条

[1]

[Anonymous], 2000, UNIFIED MODELING LAN, DOI DOI 10.1007/3-540-40011-7_10

[2]

Barkley J., 1995, P 1 ACM WORKSH ROL B, P93

[3]

CHANDRAMOULI R, 1999, 4 ACM WORKSH ROL BAS

[4]

Coyne E. J., 1995, P 1 ACM WORKSH ROL B, P15

[5] Towards a UML based approach to role engineering [J].

Epstein, P ;

Sandhu, R .

FOURTH ACM WORKSHOP ON ROLE-BASED ACCESS CONTROL, PROCEEDINGS, 1999, :135-143

[6] SecureFlow: A secure web-enabled Workflow Management System [J].

Huang, WK ;

Atluri, V .

FOURTH ACM WORKSHOP ON ROLE-BASED ACCESS CONTROL, PROCEEDINGS, 1999, :83-94

[7]

ROECKLE H, 2000, P 5 ACM WORKSH ROL B, P103

[8] Role based access control models [J].

Sandhu, RS ;

Coyne, EJ ;

Feinstein, HL ;

Youman, CE .

COMPUTER, 1996, 29 (02) :38-&

[9]

SANDHU RS, 1998, ADV COMPUTERS, V46

[10] Napoleon network application policy environment [J].

Thomsen, D ;

O'Brien, R ;

Payne, C .

FOURTH ACM WORKSHOP ON ROLE-BASED ACCESS CONTROL, PROCEEDINGS, 1999, :145-152

← 1 2 →