AT-RBAC: An Authentication Trustworthiness-Based RBAC Model
In current operating systems, the strength of the authentication mechanism has no effect on the user's authorization, which leaves a security weakness: a user who has passed only a weak authentication mechanism may still hold many access rights. This paper first puts forward the idea of authentication trustworthiness, whose aim is to assign each authenticated user an authentication trustworthiness. According to the user's trustworthiness, the system decides which access rights the user will have. The stronger the authentication mechanism, the greater the user's authentication trustworthiness. The user's authentication trustworthiness is taken as one of the access control decision elements, so as to prevent a user with less trustworthiness from owning many access rights. Based on authentication trustworthiness, this paper puts forward the authentication trustworthiness-based RBAC model. The model associates authentication trustworthiness with the RBAC model, and the authentication trustworthiness of the authenticated user serves as decision information for activating his roles and permissions: only those users who satisfy the role trust activation condition can activate their roles, and users who satisfy the permission trust activation condition can activate their permissions. The model provides trust authorization through trust activation of the user's roles and permissions, and satisfies the requirement that authentication mechanisms of different strength correspond to different access rights.
Keywords: Access Control; Trust Activation; Access Control Model; Authentication Mechanism; Decision Information
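The role and permission trust activation described in the abstract, as an added illustration that is not the paper's own code or formal model. The mechanism trust values, the thresholds, the role, permission and user names, and the `ATRBAC` class are all assumptions made for the example.

```python
from dataclasses import dataclass, field

# Assumed trust value per authentication mechanism (illustrative, not from the paper).
MECHANISM_TRUST = {"password": 0.3, "otp": 0.6, "smartcard_pin": 0.9}

@dataclass
class Role:
    name: str
    min_trust: float    # role trust activation condition
    permissions: dict   # permission -> minimum trust (permission trust activation condition)

@dataclass
class Session:
    user: str
    trust: float
    active_roles: set = field(default_factory=set)

class ATRBAC:
    def __init__(self, roles, user_roles):
        self.roles = {r.name: r for r in roles}
        self.user_roles = user_roles  # user -> set of assigned role names

    def login(self, user, mechanism):
        # Fail closed: an unknown mechanism yields zero trustworthiness.
        return Session(user, MECHANISM_TRUST.get(mechanism, 0.0))

    def activate_role(self, session, role_name):
        role = self.roles.get(role_name)
        assigned = role_name in self.user_roles.get(session.user, ())
        if role is None or not assigned or session.trust < role.min_trust:
            return False
        session.active_roles.add(role_name)
        return True

    def check(self, session, permission):
        # A permission needs an active role that holds it AND enough session trust.
        for name in session.active_roles:
            need = self.roles[name].permissions.get(permission)
            if need is not None and session.trust >= need:
                return True
        return False

# Constructed sample policy: one user assigned two roles.
POLICY = ATRBAC(
    [Role("staff", 0.3, {"read_report": 0.3, "edit_report": 0.6}),
     Role("admin", 0.8, {"manage_users": 0.8})],
    {"alice": {"staff", "admin"}})

def demo(mechanism, user="alice"):
    s = POLICY.login(user, mechanism)
    roles = sorted(r for r in POLICY.roles if POLICY.activate_role(s, r))
    perms = sorted(p for p in ("read_report", "edit_report", "manage_users") if POLICY.check(s, p))
    return roles, perms
```

The same user ends up with a different set of active roles and usable permissions depending only on how she authenticated.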