Skip to main content
SpringerLink
Log in

Extended RBAC Model with Task-Constraint Rules

  • Conference paper
Future Information Technology

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 276))

Abstract

RBAC model supports the principle of least privilege by the appropriate combination of roles assigned to users. However, the minimum role set is hard to find. Role hierarchy and inheritance can result in aggregating lots of permissions. To solve this problem, previous work mainly studies the approximate least privilege set by trying to find the minime role sets. However, to reduce the unnecessary privileges is another key issue to solve the problem. To this aim, the concept of task is taken as a kind of constraints introduced to the RBAC model, which contains four constraint rules that can flexibly control the permission inheritance and role activations. An example is showed the four rules can effectively be used to reduce redundanct permissions.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Saltzer, J.H., Schroeder, M.D.: The Protection of information in computer system. Proceedings of the IEEE 63(9), 1278–1308 (1975)

    Article  Google Scholar 

  2. Byuens, K., Scandariato, R., Joosen, W.: Least privilege analysis in software architectures. Software and System Modeling (November 2011)

    Google Scholar 

  3. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based Access Control Models. IEEE Computer 29, 38–47 (1996)

    Article  Google Scholar 

  4. Dong, L.J., Kang, X.J., Wang, M.C.: How to Find a Rigorous Set of Roles for Application of RBAC. Journal of Software 7(2), 398–407 (2012)

    Article  Google Scholar 

  5. Wei, L., Cai, J.-Y., He, Y.-P.: Implicit Authorization Analysis of Role-Based Administrative Model. Journal of Software 20(4), 1048–1057 (2009) (in Chinese)

    Google Scholar 

  6. ANSI INCITS 359-2004. Role Based Access Control. American National Standards Institute (2004)

    Google Scholar 

  7. Sandhu, R., Bhamidipati, V.: The ASCAA Principles for Next-Generation Role-Based Access Control. In: Proceedings of 3rd International Conference on Availability, Reliability and Security, Barcelona, Spain (2008)

    Google Scholar 

  8. Deng, J.B., Hong, F.: Task-Based Access Control Model. Journal of Software 14(1), 76–82 (2003) (in Chinese)

    Google Scholar 

  9. Oh, S., Park, S.: Task-role-based access control model. Information Systems 28, 533–562 (2003)

    Article  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Mathematical and Computer Science, Jiangxi Science & Technology Normal University, Nanchang, China

    Li Ma, Yanjie Zhou & Wei Duan

Authors
  1. Li Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yanjie Zhou
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Wei Duan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Li Ma .

Editor information

Editors and Affiliations

  1. Department of Computer Science and Engineering, Seoul University of Science & and Technology (SeoulTech), Seoul, Korea, Republic of (South Korea)

    James J. (Jong Hyuk) Park

  2. SEECS, University of Ottawa, Ottawa, Ontario, Canada

    Ivan Stojmenovic

  3. School of Information and Communication Engineering, Chungbuk National University, Chungbuk, Korea, Republic of (South Korea)

    Min Choi

  4. Department of Languages and Informatics Systems, Polytechnic University of Catalonia, Barcelona, Spain

    Fatos Xhafa

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ma, L., Zhou, Y., Duan, W. (2014). Extended RBAC Model with Task-Constraint Rules. In: Park, J., Stojmenovic, I., Choi, M., Xhafa, F. (eds) Future Information Technology. Lecture Notes in Electrical Engineering, vol 276. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40861-8_37

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-40861-8_37

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-40860-1

  • Online ISBN: 978-3-642-40861-8

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation