Poster: trans-organizational role-based access control

Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security Pub Date : 2011-10-17 DOI:10.1145/2046707.2093501

Ramon Francisco Pacquiao Mejia, Y. Kaji, H. Seki

{"title":"Poster: trans-organizational role-based access control","authors":"Ramon Francisco Pacquiao Mejia, Y. Kaji, H. Seki","doi":"10.1145/2046707.2093501","DOIUrl":null,"url":null,"abstract":"Role-Based Access Control (RBAC) is a powerful and versatile access control system for large-scale access control management within an organization. Most studies so far consider RBAC models that have a single consistent access control policy, which implicitly confine an RBAC system to one organization. However, many real-world requirements of access control span multiple organizations; thus, there is a need to design scalable RBAC models for such use cases. We propose a trans-organizational RBAC model that enables access control within and across organizations. A formal definition of trans-organizational RBAC is presented. We show that the model is scalable in a multi-organization setup, and does not require the creation of federations. Finally, a security issue in the model is identified and possible approaches to address this are discussed.","PeriodicalId":72687,"journal":{"name":"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security","volume":"21 1","pages":"817-820"},"PeriodicalIF":0.0000,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2046707.2093501","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Role-Based Access Control (RBAC) is a powerful and versatile access control system for large-scale access control management within an organization. Most studies so far consider RBAC models that have a single consistent access control policy, which implicitly confine an RBAC system to one organization. However, many real-world requirements of access control span multiple organizations; thus, there is a need to design scalable RBAC models for such use cases. We propose a trans-organizational RBAC model that enables access control within and across organizations. A formal definition of trans-organizational RBAC is presented. We show that the model is scalable in a multi-organization setup, and does not require the creation of federations. Finally, a security issue in the model is identified and possible approaches to address this are discussed.

查看原文本刊更多论文

海报:跨组织基于角色的访问控制

基于角色的访问控制(RBAC)是一种功能强大、用途广泛的访问控制系统，适用于组织内部的大规模访问控制管理。到目前为止，大多数研究都考虑具有单一一致访问控制策略的RBAC模型，这隐式地将RBAC系统限制在一个组织中。然而，许多现实世界的访问控制需求跨越多个组织;因此，有必要为这样的用例设计可伸缩的RBAC模型。我们提出了一个跨组织的RBAC模型，该模型支持组织内部和跨组织的访问控制。提出了跨组织RBAC的正式定义。我们展示了该模型在多组织设置中是可伸缩的，并且不需要创建联邦。最后，指出了模型中的一个安全问题，并讨论了解决该问题的可能方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security

CiteScore

9.20

自引率

0.00%

发文量