Synonyms
RBAC; Role based security
Definition
Access control is a security service responsible for defining which subjects can perform what type of operations on which objects. A subject is typically an active entity such as a user or a process, and an object is an entity, such as a file, database table or a field, on which the subject can perform some authorized operations. A permission indicates the mode of operation on a particular object.
Role based access control (RBAC) involves controlling access to computer resources and information by (i) defining users, roles, and permissions, and (ii) assigning users and permissions to roles. A user can create a session in which he/she can activate a subset of the roles he/she has been assigned to and use the permissions associated with the activated roles. The RBAC approach is based on the understanding that a user’s access needs are defined by the roles that he/she plays within his/her organization. In general, a role is considered as a group...
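The definition above can be made concrete with a small model of users, roles, permissions and sessions. This is an added example, not code from the entry; the class names, method names and the sample policy are assumptions, and role hierarchies and constraints are not modeled.

```python
# Added example: minimal RBAC model with sessions (all names are illustrative).
from dataclasses import dataclass, field


@dataclass
class RBAC:
    user_roles: dict = field(default_factory=dict)  # user -> set of assigned roles
    role_perms: dict = field(default_factory=dict)  # role -> set of (operation, object)

    def assign_user(self, user, role):
        self.user_roles.setdefault(user, set()).add(role)

    def grant(self, role, operation, obj):
        self.role_perms.setdefault(role, set()).add((operation, obj))

    def create_session(self, user, roles):
        """Open a session activating a subset of the user's assigned roles."""
        requested = set(roles)
        unassigned = requested - self.user_roles.get(user, set())
        if unassigned:
            raise PermissionError(f"{user} is not assigned: {sorted(unassigned)}")
        return Session(self, user, frozenset(requested))


@dataclass(frozen=True)
class Session:
    policy: RBAC
    user: str
    active_roles: frozenset

    def check_access(self, operation, obj):
        """Allow only permissions reachable through an activated role."""
        return any((operation, obj) in self.policy.role_perms.get(role, set())
                   for role in self.active_roles)


def build_sample_policy():
    # Constructed sample data, not taken from the entry.
    policy = RBAC()
    policy.grant("teller", "read", "accounts")
    policy.grant("teller", "update", "accounts")
    policy.grant("auditor", "read", "audit_log")
    policy.assign_user("alice", "teller")
    policy.assign_user("alice", "auditor")
    policy.assign_user("bob", "auditor")
    return policy
```

A session that activates only `teller` cannot read `audit_log` even though the same user is also assigned `auditor`, which is how sessions limit a user to the permissions needed for the task at hand.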
© 2018 Springer Science+Business Media, LLC, part of Springer Nature
About this entry
Cite this entry
Zhang, Y., Joshi, J.B. (2018). Role-Based Access Control. In: Liu, L., Özsu, M.T. (eds) Encyclopedia of Database Systems. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-8265-9_320
DOI: https://doi.org/10.1007/978-1-4614-8265-9_320
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-8266-6
Online ISBN: 978-1-4614-8265-9
eBook Packages: Computer Science; Reference Module Computer Science and Engineering