Advertisement

Role-based Administration of User-role Assignment and Its Oracle Implementation

  • Lilong Han
  • Qingtan Liu
  • Zongkai Yang
Conference paper
Part of the IFIP International Federation for Information Processing book series (IFIPAICT, volume 252)

Abstract

In role-based access control (RBAC) permissions are associated with roles, and users are made members of appropriate roles thereby acquiring the roles’ permissions. The principal motivation behind RBAC is to simplify administration. An appealing possibility is to use RBAC itself to manage RBAC, to further provide administrative convenience. In this paper we investigate one aspect of RBAC administration concerning assignment of users to roles. We define a role-based administrative model, called URA (User-Role Assignment), for this purpose and describe its implementation in the Oracle database management system. Although our model is quite different from that built into Oracle, we demonstrate how to use Oracle stored procedures to implement it.

Keywords

Engineer Department Disjunctive Normal Form Security Officer Administrative Role Role Hierarchy 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    R.S. Sandhu, E.J. Coyne, H.L. Feinstein and C.E. Youman, Role-based access control models, IEEE Computer 29(2) (1996), 38–47.CrossRefGoogle Scholar
  2. 2.
    S.H. von Solms and I. van der Merwe, The management of computer security profiles using a roleoriented approach, Computers & Security 13(8) (1994), 673–680.CrossRefGoogle Scholar
  3. 3.
    C. Youman, E. Coyne and R. Sandhu, eds, Proceedings of the 1st ACM Workshop on Role-Based Access Control, Nov. 31–Dec. 1, 1995, ACM, 1997.Google Scholar
  4. 4.
    S. Feuerstein, Oracle PL/SQL Programming, O’Reilly & Associates, Inc., 1995.Google Scholar
  5. 5.
    G. Koch and K. Loney, Oracle The Complete Reference, Oracle Press, 1995.Google Scholar
  6. 6.
    L. Guiri and P. Iglio, A formal model for role-based access control with constraints, in: Proceedings of IEEE Computer Security Foundations Workshop 9, Kenmare, Ireland, June 1996, pp. 136–145.Google Scholar
  7. 7.
    R. Sandhu, Rationale for the RBAC96 family of access control models, in: Proceedings of the 1st ACM Workshop on Role-Based Access Control, ACM, 1997.Google Scholar
  8. 8.
    R.S. Sandhu, E.J. Coyne, H.L. Feinstein and C.E. Youman, Role-based access control models, IEEE Computer 29(2) (1996), 38–47.CrossRefGoogle Scholar
  9. 9.
    C. Youman, E. Coyne and R. Sandhu, eds, Proceedings of the 1st ACM Workshop on Role-Based Access Control, Nov. 31–Dec. 1, 1995, ACM, 1997.Google Scholar
  10. 10.
    I. Mohammed and D.M. Dilts, Design for dynamic user-role-based security, Computers & Security 13(8) (1994), 661–671.CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2007

Authors and Affiliations

  • Lilong Han
    • 1
  • Qingtan Liu
    • 1
  • Zongkai Yang
    • 1
  1. 1.Department of Information and Technology&Engineer Research Center on Education Infromation TechnologyHuazhong Normal UniversityWuhanChina

Personalised recommendations