Abstract
RBAC model supports the principle of least privilege by the appropriate combination of roles assigned to users. However, the minimum role set is hard to find. Role hierarchy and inheritance can result in aggregating lots of permissions. To solve this problem, previous work mainly studies the approximate least privilege set by trying to find the minime role sets. However, to reduce the unnecessary privileges is another key issue to solve the problem. To this aim, the concept of task is taken as a kind of constraints introduced to the RBAC model, which contains four constraint rules that can flexibly control the permission inheritance and role activations. An example is showed the four rules can effectively be used to reduce redundanct permissions.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Saltzer, J.H., Schroeder, M.D.: The Protection of information in computer system. Proceedings of the IEEE 63(9), 1278–1308 (1975)
Byuens, K., Scandariato, R., Joosen, W.: Least privilege analysis in software architectures. Software and System Modeling (November 2011)
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based Access Control Models. IEEE Computer 29, 38–47 (1996)
Dong, L.J., Kang, X.J., Wang, M.C.: How to Find a Rigorous Set of Roles for Application of RBAC. Journal of Software 7(2), 398–407 (2012)
Wei, L., Cai, J.-Y., He, Y.-P.: Implicit Authorization Analysis of Role-Based Administrative Model. Journal of Software 20(4), 1048–1057 (2009) (in Chinese)
ANSI INCITS 359-2004. Role Based Access Control. American National Standards Institute (2004)
Sandhu, R., Bhamidipati, V.: The ASCAA Principles for Next-Generation Role-Based Access Control. In: Proceedings of 3rd International Conference on Availability, Reliability and Security, Barcelona, Spain (2008)
Deng, J.B., Hong, F.: Task-Based Access Control Model. Journal of Software 14(1), 76–82 (2003) (in Chinese)
Oh, S., Park, S.: Task-role-based access control model. Information Systems 28, 533–562 (2003)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ma, L., Zhou, Y., Duan, W. (2014). Extended RBAC Model with Task-Constraint Rules. In: Park, J., Stojmenovic, I., Choi, M., Xhafa, F. (eds) Future Information Technology. Lecture Notes in Electrical Engineering, vol 276. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40861-8_37
Download citation
DOI: https://doi.org/10.1007/978-3-642-40861-8_37
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40860-1
Online ISBN: 978-3-642-40861-8
eBook Packages: EngineeringEngineering (R0)