Role-Based ABAC Model for Implementing Least Privileges

Abstract

RBAC and ABAC are well-known access control models due to their least privileges and dynamic behavior respectively. They also have some drawbacks like RBAC is unable to provide dynamic behavior and flexibility as well as ABAC is unable to provide tight security and ease of management of permissions as the RBAC can do. In this paper, a hybrid access control model is proposed and developed that combines the strengths of both models. The proposed model implements the concept of roles between a user and the user's attributes as well as between the object and object attributes, in the ABAC system. The proposed model decreases the load of the administrator, provides least of privileges concept in ABAC due to the addition of roles. Authors also implemented the proposed model and discussed with respect to a case study.