Semantic Representation of Role and Task Based Access Control
Proper representation of Role and Task in access control mechanism can be a solution for privacy invasion problem. In this paper, authors have designed the Role and Task based access control (RTBAC) model and developed the XML schema for representing the schema of the model. Basic conceptions and entities of RTBAC model include user, role, permission, privilege, task, dependency, application data, data object, and operation. The relationships among entities include user/role assignment (RU), role/privilege assignment (RP), task/role assignment (TR), and task/permission assignment (TP) etc. This model supports object privacy since it introduces a new constraint called Role and Task between subject and object. It supports more constraints on object’s policy than current Role-based Access Control Model does.
KeywordsXML Role and task based access control Role-based access control
- 1.Stajanoand, F., Anderson, R.: The resurrecting duckling security issues for ubiquitous computing. IEEE Security and Privacy, pp. 22–26 (2002)Google Scholar
- 2.Bussard, L., Roudier, Y., Molva, R.: Untraceable secret credentials: Trust establishment with privacy. The Second IEEE Annual Conference on Pervasive Computing and Communications Workshops, pp. 122–126 (2004)Google Scholar
- 3.Lu, H., Xia, T.: The research of role tree-based access control mode. J. Donghua Univ. (Eng. Ed.) 27(2), 274–276 (2010)Google Scholar
- 4.Chae, S.-H., Kim, W.: Semantic representation of RTBAC: Relationship-based access control model. APWeb/WAIM 2007 Ws, LNCS 4537, pp. 554–563 (2007)Google Scholar
- 5.Wang, L., Xie, X.-Y., Yang, Y.-Z., Zhang, A.Y.: An authorization management model based on RTBAC. Guizhou Sci. 27(3), 51–53 (2009)Google Scholar