Obligations for Role Based Access Control

Gansen Zhao, David Chadwick, Sassa Otenko
2007 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW'07)  
Role based access control has been widely used in security critical systems. Conventional role based access control is a passive model, which makes authorization decisions on requests, and the authorization decisions contain only information about whether the corresponding requests are authorised or not. One of the potential improvements for role based access control is the augmentation of obligations, where obligations are tasks and requirements to be fulfilled together with the enforcement of authorization decisions. This paper conducts a comprehensive literature review about role based access control and obligation related research, and proposes a design of the augmentation of obligations in the context of the RBAC standard. The design is then further consolidated in the PERMIS RBAC authorization infrastructure. Details of incorporating obligations into the PERMIS RBAC authorization infrastructure are given. This paper also discusses the possible nondeterminism caused by overlapped authorisation.
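To make the design the abstract describes concrete, the following is an added example (not code from the paper or from PERMIS): a toy RBAC decision point whose permit decisions carry obligations, an enforcement point that grants access only once every obligation has been discharged, and a flag for the nondeterminism that appears when overlapping role grants attach different obligations to the same permission. The roles, permissions and obligation names are constructed for illustration.

```python
"""Toy RBAC PDP/PEP with obligations. Constructed example, not PERMIS code."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Permission:
    action: str
    resource: str


@dataclass
class Decision:
    permit: bool
    obligations: frozenset = frozenset()   # tasks the PEP must discharge before access
    nondeterministic: bool = False         # True when overlapping grants disagree


# Constructed sample policy: role -> permission -> obligations attached to that grant.
POLICY = {
    "doctor":  {Permission("read", "record"): frozenset({"log_access"})},
    "nurse":   {Permission("read", "record"): frozenset({"log_access"})},
    "auditor": {Permission("read", "record"): frozenset({"log_access", "notify_patient"})},
}


def decide(roles, perm):
    """PDP: return Permit plus obligations, or Deny if no activated role grants perm."""
    grants = [POLICY[r][perm] for r in roles if perm in POLICY.get(r, {})]
    if not grants:
        return Decision(False)
    # Overlapped authorisation: several roles grant the same permission. When their
    # obligation sets differ the policy alone does not say which set applies, so we
    # enforce the union (the conservative choice) and flag the overlap for the policy
    # author instead of silently picking one grant.
    obligations = frozenset().union(*grants)
    return Decision(True, obligations, nondeterministic=len(set(grants)) > 1)


def enforce(decision, discharged):
    """PEP: access is granted only if permitted AND every obligation was discharged."""
    if not decision.permit:
        return False
    return decision.obligations <= set(discharged)
```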
doi:10.1109/ainaw.2007.267 dblp:conf/aina/ZhaoCO07 fatcat:yt3y7xagvzhrxef2t5uciv7b6m