RBAC中基于对象的动态任务分离

2009 International Conference for Internet Technology and Secured Transactions, (ICITST) Pub Date : 2009-11-01 DOI:10.1109/ICITST.2009.5402642

Muhammad Asif Habib, Christian Praher

{"title":"RBAC中基于对象的动态任务分离","authors":"Muhammad Asif Habib, Christian Praher","doi":"10.1109/ICITST.2009.5402642","DOIUrl":null,"url":null,"abstract":"Role Based Access Control (RBAC) offers tight security of information and ease of management to implement. RBAC is a proven and open ended technology that is being attracted by most of the organizations for its capability to reduce security administration in terms of cost and complexity. The focus of this paper is one of the important factors in RBAC, i.e. Dynamic Separation of Duty (DSD) which is implemented to avoid internal security threats. We discuss DSD from a different perspective i.e. object based separation of duty. Different problems and observations have been described regarding DSD with respect to formal definitions of DSD. Those observations and problems influenced us to go for updated definition of DSD. So, we propose a newly updated definition of DSD. Different examples have been given regarding object based DSD with different scenarios. We also described benefits of implementing newly proposed definition of DSD.","PeriodicalId":251169,"journal":{"name":"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)","volume":"214 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":"{\"title\":\"Object based dynamic separation of duty in RBAC\",\"authors\":\"Muhammad Asif Habib, Christian Praher\",\"doi\":\"10.1109/ICITST.2009.5402642\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Role Based Access Control (RBAC) offers tight security of information and ease of management to implement. RBAC is a proven and open ended technology that is being attracted by most of the organizations for its capability to reduce security administration in terms of cost and complexity. The focus of this paper is one of the important factors in RBAC, i.e. Dynamic Separation of Duty (DSD) which is implemented to avoid internal security threats. We discuss DSD from a different perspective i.e. object based separation of duty. Different problems and observations have been described regarding DSD with respect to formal definitions of DSD. Those observations and problems influenced us to go for updated definition of DSD. So, we propose a newly updated definition of DSD. Different examples have been given regarding object based DSD with different scenarios. We also described benefits of implementing newly proposed definition of DSD.\",\"PeriodicalId\":251169,\"journal\":{\"name\":\"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)\",\"volume\":\"214 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"16\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICITST.2009.5402642\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICITST.2009.5402642","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 16

摘要

基于角色的访问控制(RBAC)提供了严格的信息安全性和易于管理的实现。RBAC是一种经过验证的开放式技术，由于其在成本和复杂性方面降低安全管理的能力而受到大多数组织的吸引。本文的研究重点是RBAC中的一个重要因素，即为避免内部安全威胁而实施的动态职责分离(DSD)。我们从不同的角度来讨论DSD，即基于对象的职责分离。根据DSD的正式定义，描述了关于DSD的不同问题和观察结果。这些观察和问题影响了我们对DSD的更新定义。因此，我们提出了一个新的DSD定义。针对不同的场景给出了基于对象的DSD的不同示例。我们还描述了实施新提议的DSD定义的好处。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Object based dynamic separation of duty in RBAC

Role Based Access Control (RBAC) offers tight security of information and ease of management to implement. RBAC is a proven and open ended technology that is being attracted by most of the organizations for its capability to reduce security administration in terms of cost and complexity. The focus of this paper is one of the important factors in RBAC, i.e. Dynamic Separation of Duty (DSD) which is implemented to avoid internal security threats. We discuss DSD from a different perspective i.e. object based separation of duty. Different problems and observations have been described regarding DSD with respect to formal definitions of DSD. Those observations and problems influenced us to go for updated definition of DSD. So, we propose a newly updated definition of DSD. Different examples have been given regarding object based DSD with different scenarios. We also described benefits of implementing newly proposed definition of DSD.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2009 International Conference for Internet Technology and Secured Transactions, (ICITST)

自引率

0.00%

发文量