Development of a Flexible Access Control Design by Extending RBAC

Abstract

Role based access control (RBAC) has received much attention for more than a decade as one of the most attractive solutions for access control in Web-based information systems. However, its associated characteristics are often not suitable for a varying organization requiring a flexible structure. In order to address this limitation, it may essentially be required to assess more flexibility to access control mechanisms. To this end, we propose a new extended access control mechanisms incorporating three authentication dimensions based on user, department, and role. We then demonstrate that the proposed mechanisms can improve utilization of a Web-based knowledge-sharing system.