Encyclopedia of Database Systems

2018 Edition | Editors: Ling Liu, M. Tamer Özsu

Role-Based Access Control

  • Yue Zhang
  • James B. D. Joshi
Reference work entry
DOI: https://doi.org/10.1007/978-1-4614-8265-9_320


RBAC; Role based security


Access control is a security service responsible for defining which subjects can perform what type of operations on which objects. A subject is typically an active entity such as a user or a process, and an object is an entity, such as a file, database table or a field, on which the subject can perform some authorized operations. A permission indicates the mode of operation on a particular object.

Role-based access control (RBAC) involves controlling access to computer resources and information by (i) defining users, roles, and permissions, and (ii) assigning users and permissions to roles. A user can create a session in which he/she can activate a subset of the roles he/she has been assigned to and use the permissions associated with the activated roles. The RBAC approach is based on the understanding that a user’s access needs are defined by the roles that he/she plays within his/her organization. In general, a role is considered as a group...
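The user, role, permission and session relationships described above, as an added Python example that is not part of the original entry. The class names, users, roles and table names are constructed for illustration, and re-checking role assignment on every access decision is an assumption of this example rather than something the entry states.

```python
class RBACPolicy:
    def __init__(self):
        self.user_roles = {}  # user -> roles assigned to that user
        self.role_perms = {}  # role -> {(operation, object), ...}

    def assign_user(self, user, role):
        self.user_roles.setdefault(user, set()).add(role)

    def deassign_user(self, user, role):
        self.user_roles.get(user, set()).discard(role)

    def grant(self, role, operation, obj):
        self.role_perms.setdefault(role, set()).add((operation, obj))

    def create_session(self, user, roles):
        # A session may activate only a subset of the user's assigned roles.
        requested = set(roles)
        missing = requested - self.user_roles.get(user, set())
        if missing:
            raise PermissionError(f"{user} is not assigned {sorted(missing)}")
        return Session(self, user, requested)


class Session:
    def __init__(self, policy, user, active_roles):
        self.policy, self.user, self.active_roles = policy, user, active_roles

    def check_access(self, operation, obj):
        # Permissions come only from roles that are activated in this session
        # and still assigned to the user at decision time.
        assigned = self.policy.user_roles.get(self.user, set())
        return any((operation, obj) in self.policy.role_perms.get(role, set())
                   for role in self.active_roles & assigned)


def build_sample_policy():
    # Constructed sample data: a bank with two roles and two users.
    policy = RBACPolicy()
    policy.grant("teller", "update", "accounts")
    policy.grant("auditor", "select", "audit_log")
    policy.assign_user("alice", "teller")
    policy.assign_user("alice", "auditor")
    policy.assign_user("bob", "teller")
    return policy
```

A session that alice opens with only `teller` activated is denied `select` on `audit_log` even though she is assigned `auditor`, which is how sessions limit the permissions in use at any one time.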



Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  1. University of Pittsburgh, Pittsburgh, USA

Section editors and affiliations

  • Elena Ferrari (1)
  1. DiSTA, Univ. of Insubria, Varese, Italy