
AT-RBAC: An Authentication Trustworthiness-Based RBAC Model

  • Lunwei Wang
  • Lifeng Wei
  • Xiangke Liao
  • Huaimin Wang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3252)

Abstract

In current operating systems, the strength of the authentication mechanism has no bearing on the authorization of the user, which leaves a security weakness: a user who has passed only a weak authentication mechanism may hold many access rights. This paper first puts forward the idea of authentication trustworthiness, the aim of which is to give each authenticated user an authentication trustworthiness. According to the user's trustworthiness, the system decides which access rights he will have. The stronger the authentication mechanism, the larger the user's authentication trustworthiness. The user's authentication trustworthiness is taken as one of the access control decision elements, so as to prevent a user with less trustworthiness from owning many access rights. Based on authentication trustworthiness, this paper puts forward the authentication trustworthiness-based RBAC model. The model associates authentication trustworthiness with the RBAC model, and the authentication trustworthiness of the authenticated user serves as decision information for activating his roles and permissions: only those users who satisfy the role trust activation condition can activate their roles, and users who satisfy the permission trust activation condition can activate their permissions. The model provides trust authorization through the user's role and permission trust activation, and satisfies the requirement that authentication mechanisms of different strength correspond to different access rights.
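
A sketch of the role and permission trust activation checks described in the abstract, added here as an example and not taken from the paper. The numeric trust values, the thresholds, the `>=` activation condition and every name in the code are assumptions; the abstract only states that a stronger mechanism yields a larger trustworthiness.

```python
from dataclasses import dataclass, field

# Constructed trust values in [0, 1] per authentication mechanism (assumed).
MECHANISM_TRUST = {"password": 0.4, "smartcard": 0.7, "smartcard+biometric": 0.9}

# Hypothetical policy: role -> (role trust threshold, {permission: threshold}).
ROLES = {
    "staff": (0.3, {"read_report": 0.3, "edit_report": 0.6}),
    "admin": (0.7, {"read_audit_log": 0.7, "change_policy": 0.9}),
}
USER_ROLES = {"alice": {"staff", "admin"}, "bob": {"staff"}}


@dataclass
class Session:
    user: str
    trust: float  # authentication trustworthiness of this login
    active_roles: set = field(default_factory=set)


def authenticate(user, mechanism):
    """Open a session whose trust is set by the mechanism that was used."""
    return Session(user, MECHANISM_TRUST[mechanism])


def activate_role(session, role):
    """Role trust activation: the role must be assigned to the user and the
    session trust must meet the role's threshold (assumed: trust >= threshold)."""
    if role not in USER_ROLES.get(session.user, set()):
        return False
    if session.trust < ROLES[role][0]:
        return False
    session.active_roles.add(role)
    return True


def check_access(session, permission):
    """Permission trust activation, evaluated over the active roles only."""
    for role in session.active_roles:
        threshold = ROLES[role][1].get(permission)
        if threshold is not None and session.trust >= threshold:
            return True
    return False  # default deny


def effective_permissions(user, mechanism):
    """Permissions a user ends up with after logging in via `mechanism`."""
    s = authenticate(user, mechanism)
    for role in USER_ROLES.get(user, set()):
        activate_role(s, role)
    return {p for r in s.active_roles for p in ROLES[r][1] if check_access(s, p)}
```

With this policy the same user receives a different permission set depending on how she authenticated, which is the property the model is built to provide.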

Keywords

Access Control; Trust Activation; Access Control Model; Authentication Mechanism; Decision Information
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Lunwei Wang (1)
  • Lifeng Wei (1)
  • Xiangke Liao (1)
  • Huaimin Wang (1)

  1. School of Computer Science, National University of Defense Technology, Changsha, China
